我有一个想要哈希的字符串。在node.js中生成哈希最简单的方法是什么?

散列用于版本控制,而不是安全性。


当前回答

使用PBKDF2在NodeJs中进行密码哈希

const pbkdf2 = require("pbkdf2");
const crypto = require("crypto");

// UserSchema
//...

// Method to create pbkdf2 hash from plain text
UserSchema.methods.createHash = async function (plainTextPassword) {

  // Generate a salt and then create hash
  const salt = crypto.randomBytes(16).toString("hex");
  const hashedPassword = pbkdf2
    .pbkdf2Sync(plainTextPassword, salt, 10, 32, "sha512")
    .toString("hex");

  // Saving both the dynamic salt and hash in the Database
  return [salt, hashedPassword].join("#");
};

// Validating the password with pbkdf2 hash
UserSchema.methods.validatePassword = async function (candidatePassword) {
  const hashedPassword = this.password_hash.split("#")[1];
  const salt = this.password_hash.split("#")[0];

  const hash = pbkdf2
    .pbkdf2Sync(candidatePassword, salt, 10, 32, "sha512")
    .toString("hex");

  if (hash === hashedPassword) {
    return true;
  }
  return false;
};

module.exports.User = mongoose.model("User", UserSchema);

使用Argon2在NodeJs中进行密码哈希

const argon2 = require("argon2");

// UserSchema
...

// Method to generate Hash from plain text  using argon2
UserSchema.methods.createHash = async function (plainTextPassword) {
    // return password hash
    return await argon2.hash(plainTextPassword);
};

// Method to validate the entered password using argon2
UserSchema.methods.validatePassword = async function (candidatePassword) {
  return await argon2.verify(this.password_hash, candidatePassword)
};

module.exports.User = mongoose.model("User", UserSchema);

本文可以帮助您设置并执行演示项目。 https://mojoauth.com/blog/hashing-passwords-in-nodejs/

其他回答

如果你只是想md5哈希一个简单的字符串,我发现这对我有用。

var crypto = require('crypto');
var name = 'braitsch';
var hash = crypto.createHash('md5').update(name).digest('hex');
console.log(hash); // 9b74c9897bac770ffc029102a200c5de

crypto模块使这非常容易。

设置:

// import crypto from 'crypto';
const crypto = require('crypto');

const sha256 = x => crypto.createHash('sha256').update(x, 'utf8').digest('hex');

用法:

sha256('Hello, world. ');

你可以使用crypto-js javaScript库的加密标准,有最简单的方法生成sha256或sha512

const SHA256 = require("crypto-js/sha256");
const SHA512 = require("crypto-js/sha512");

let password = "hello"
let hash_256 = SHA256 (password).toString();
let hash_512 = SHA512 (password).toString();

看看crypto。createhash (algorithm)

var filename = process.argv[2];
var crypto = require('crypto');
var fs = require('fs');

var md5sum = crypto.createHash('md5');

var s = fs.ReadStream(filename);
s.on('data', function(d) {
  md5sum.update(d);
});

s.on('end', function() {
  var d = md5sum.digest('hex');
  console.log(d + '  ' + filename);
});

我使用的是blueimp-md5,它“兼容服务器端环境,如Node.js,模块加载器,如RequireJS, Browserify或webpack和所有网络浏览器。”

像这样使用它:

var md5 = require("blueimp-md5");

var myHashedString = createHash('GreensterRox');

createHash(myString){
    return md5(myString);
}

如果在公开场合传递散列值,对它们加盐总是一个好主意,这样人们就更难重新创建它们:

createHash(myString){
    var salt = 'HnasBzbxH9';
    return md5(myString+salt);
}