Every application must store passwords using a cryptographic technique. FoalTS provides two functions to hash and verify passwords.
Note: In previous versions of FoalTS (<v1.0.0), this function was named
hashPassword utility uses the PBKDF2 algorithm with a SHA256 hash. It takes as parameters the password in plain text and an optional
options object. It returns a promise which value is a password hash.
The function generates a unique cryptographically-strong random salt for each password. This salt is returned by the function beside the password hash.
verifyPassword takes three arguments:
the password to check in plain text,
the password hash (usually fetched from the database),
and an optional
options object (see below).
If you used the
parsePasswordfunction in previous versions of Foal (<0.7.0), you must pass the
legacy: trueoption to