node-user-accounts-boilerplate-nahid/crypt/Crypt.js
"use strict";
/**
* Abstract class for taking care of password hashing and verification.
*/
class Crypt
{
/**
* Hash a password.
*
* @param {string} password Password to hash
* @return {string} Promise should return hash as string or error
*/
async hash(password)
{
if (!password)
{
throw new Error('Empty password');
}
return await this.hashImplementation(password);
}
/**
* Implementation of hash() minus checks.
*
* @param {string} password_ Password to hash
* @return {string} Promise should return hash as string or error
* @abstract
*/
async hashImplementation(password_)
{
throw new Error('TODO: Abstract method called');
}
/**
* Verify a password against previously hashed password
*
* @param {String} password Password to compare
* @param {String} hash Previously hashed password
* @return {boolean} Promise should return boolean result.
*/
async verify(password, hash)
{
if (!password)
{
throw new Error('Empty password');
}
if (!hash)
{
throw new Error('Empty hash');
}
return await this.verifyImplementation(password, hash);
}
/**
* Implementation of verify() minus checks.
*
* Default implementation hashes new password and does string compare.
* This'll work for weaker hashes like md5 but won't work for stronger ones
* like scrypt.
*
* @param {String} password Password to compare
* @param {String} hash Previously hashed password
* @return {boolean} Promise should return boolean result.
*/
async verifyImplementation(password, hash)
{
return hash === await this.hash(password);
}
}
module.exports = Crypt;