search

antelle / argon2-browser

Argon2 library compiled for browser runtime
https://antelle.net/argon2-browser
MIT License
367 stars 79 forks source link

How to use with a bundler? #24

Closed NikxDa closed 5 years ago

NikxDa commented 5 years ago

Hey there,

thanks for providing this awesome module to the community! I am trying to get this package to work with Webpack & React, but it turns out to be quite the issue. I suspect it is because of the way that the argon2.js:

  1. Uses a factory and does not have a default export (webpack will bundle it in a scope which afaik is unaccessible afterwards), and
  2. Loads the asm-file from a node_modules folder which is supposed to be exposed (if I get this correctly)

I was able to get this to work with a bundler by copying both of these files, exposing the asm variant file, and then both adding a default export & changing the import path. Is there a way to get first hand support for bundlers so that this does not result in any issues? I suspect most people will not be willing to expose their node_modules, and I feel it is a really bad practice. On the other hand, my workaround will need to be updated manually, which might pose security risks at some point in time.

Would love to get your feedback on this!

Cheers

antelle commented 5 years ago

Hi! Indeed exposing node_modules is not cool and it's supposed to be used mostly for debugging.
Now WebPack has better support for loading WebAssembly, we can improve bundling as well. I'd be happy to see a merge request on this, but I'll also try to implement it.

NikxDa commented 5 years ago

Hey there,

thanks for checking on this so promptly! Happy to see what you can come up with. If you need any specific help, let me know!

Cheers

NikxDa commented 5 years ago

@antelle Did you get anywhere with this? I might have a look into it this weekend otherwise, but I'd appreciate your guidance in terms of how you imagine this should work out.

antelle commented 5 years ago

I haven’t done anything yet unfortunately, didn’t have time for that...

Valgoku01 commented 5 years ago

Hi all,

I've had the same trouble. Working with argon2-browser on dev purpose doesn't cause any trouble cause you're working with node_modules. But as soon as you want it to be working on production (bundled), the problem occures indeed. It tries to import the lib from... node_modules... I'd be very greatful of any improvement :)

ps: thanks for the already great work done !

antelle commented 5 years ago

Done. Usage examples:

I used base64-loader because WebPack 4 is too smart and does some magic with WASM, however this magic doesn't work with emscripten and it's not possible to disable it, so I screwed it with base64-loader. If you manage to find another solution, please let me know.

antelle commented 5 years ago

Also thanks to this dude for some tips: https://wildsilicon.com/blog/2018/emscripten-webpack/ (can be helpful for you as well)

NikxDa commented 5 years ago

Thanks for getting this done, I really appreciate it!