TechQA.

Hashing passwords in Node.js the same way as in Drupal 7

321 views Asked by At

I'm trying to migrate users from Drupal 7 to another project on node.js.

And I need to keep existing passwords for all of them. That means I need to hash passwords the same way is Drupal does.

Drupal use SHA512 by default with a salt. They run the hash through PHP's hash function numerous times to increase the computation cost of generating a password's final hash (a security technique called stretching).

The problem is, user_hash_password() which does hashing, seems to be quite custom. I don't really want to revers engineer it and reinvent the wheel.

The question is, are there any libraries on node.js that can do that?

node.js drupal hash passwords sha512
Original Q&A
1

There are 1 answers

0
mrded On BEST ANSWER

It can be done with drupal-hash module.

Check existing password

var drupalHash = require('drupal-hash');

var clearPassword = 'superpassword';
var passwordHash = '$S$DODRFsy.GX2iSkl2zJ4fsrGRt2S0FOWu0JSA3BqAmSayESbcY3w9';
var isValid = drupalHash.checkPassword(clearPassword, passwordHash);
// returns true or false

Hash new password

var drupalHash = require('drupal-hash');

var newPassword = 'superpassword';
var passwordHash = drupalHash.hashPassword(newPassword);
// returns something like '$S$DODRFsy.GX2iSkl2zJ4fsrGRt2S0FOWu0JSA3BqAmSayESbcY3w9'

Check if an old password needs updated

var drupalHash = require('drupal-hash');

var passwordHash = '$P$DxTIL/YfZCdJtFYNh1Ef9ERbMBkuQ91';
var needsHash = drupalHash.needsNewHash(passwordHash);
// return true or false

Related Questions in NODE.JS

Related Questions in DRUPAL

Related Questions in HASH

Related Questions in PASSWORDS

Related Questions in SHA512

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions