SecureMyLoginJS

Description

SecureMyLoginJs is a simple node module that does the complicated security stuff behind the scenes for you, so you can focus more of your time on the web app you want to create. This is an excellent tool for those who don't unserstand the basics of security but still want to develop a seure web app.

The module is created in such a way that you can use any database you'd like.

Example

const secureLogin = require('securemyloginjs');
const userHandler = secureLogin(options);
const DatabaseObject = userHandler.DatabaseObject;

//function when a user tries to login
function userLogin(login,password)
{
    //DO DATABASE QUERY HERE

    //dbSalt is only required if mergePassword is disabled in the options
    let dbObj = new DatabaseObject(dbLogin,dbPassword,dbSalt);

    uh.authenticateUser(login,password,dbObj,function(cookie)
    {
        //REGISTER COOKIE IN DATABASE WITH DATE

        //SET THE COOKIE ON THE CLIENT
    });
}

function userRegistration(login, password [, other params])
{
    uh.registerUser(login, password, entropystr, function(dbObj)
    {
        //REGISTER DATABASEOBJECT IN YOUR DATABASE
    });
}

Options

{
    digest: "sha512", //The hash algorithm used to hash the password.
    encoding: "base64", //The encoding used to encode all the data
    iterations: 10000, //Amount of iterations the HMAC should do
    keylen: 256, //The length in bytes the passwordhash should be
    saltlen: 64, //The length in btes the salt should be
    cookielen: 64, //The length in bytes the cookie should be
    mergePassword: true, //If true the password and salt are stored in the same database field.
    divider: ':' //The char(s) to split the password and salt from eachother not required if mergePassword is set to false
}