12769bd1ab
Passwords will be automatically re-hashed on sign-in. All new password hashes will be argon2 by default. This uses argon2id and is not configurable. In the very unlikely case someone has more specific needs, a fork is recommended. ChangeLog: Added Co-authored-by: Chloe Kudryavtsev <code@toast.bunkerlabs.net> Breaks Calckey -> Misskey migration, but fixes Foundkey -> Calckey migration
20 lines
502 B
TypeScript
20 lines
502 B
TypeScript
import bcrypt from "bcryptjs";
|
|
import * as argon2 from "argon2";
|
|
|
|
export async function hashPassword(password: string): Promise<string> {
|
|
return argon2.hash(password);
|
|
}
|
|
|
|
export async function comparePassword(
|
|
password: string,
|
|
hash: string,
|
|
): Promise<boolean> {
|
|
if (isOldAlgorithm(hash)) return bcrypt.compare(password, hash);
|
|
|
|
return argon2.verify(hash, password);
|
|
}
|
|
|
|
export function isOldAlgorithm(hash: string): boolean {
|
|
// bcrypt hashes start with $2[ab]$
|
|
return hash.startsWith("$2");
|
|
}
|