Encryption and Hashing

Table of Contents

AdonisJs comes with a couple of providers for hashing values and encrypting data. Hashing values are different from encryption since hashed values cannot be decrypted once encrypted that is not the case with encryption.

Encrypting Data

AdonisJs encryption provider makes use of Node.js crypto module to encrypt and decrypt values.

Make sure that appKey inside config/app.js is defined before you can encrypt values.

encrypt(value)

const Encryption = use('Encryption')
const encrypted = Encryption.encrypt('hello world')

decrypt

const Encryption = use('Encryption')
const decrypted = Encryption.decrypt('encrypted value')

Hashing Values

AdonisJs hash provider comes with multiple drivers to hash user data. By default it makes use of bcrypt, however support Argon via argon2 npm package.

@adonisjs/framework version >=5.0.8 supports multiple drivers. So make sure to upgrade the package for desired results.

Config

The config is defined inside config/hash.js file and allows following values.

You will have to install argon2 npm package package from npm if using argon driver.
module.exports = {
  driver: 'bcrypt',
  bcrypt: {
    rounds: 10
  },
  argon: {
    type: 1
  }
}

make(value, [config])

Hash a plain string value. Optionally inline config can be passed to override the defaults inside the config file.

const Hash = use('Hash')
const safePassword = await Hash.make(request.input('password'))

verify(value, hashedValue)

Since you cannot decrypt a hash, you can verify the user input against the previously hashed value.

const Hash = use('Hash')
const isSame = await Hash.verify('plain-value', 'hashed-value')

if (isSame) {
  // ...
}