udibo / oauth2_server

A standards compliant implementation of an OAuth 2.0 authorization server with PKCE support.
MIT License

Use PBKDF2 for password hashing #29

Closed KyleJune closed 3 years ago

KyleJune commented 3 years ago

Closes https://github.com/udibo/oauth2_server/issues/28

If you are already using this module with the old hashPassword method, you can migrate by using a conditional for which hashPassword algorithm is used for verifying login, then rehashing the password with the new hashPassword function. I made the change to hashPassword because SHA-256 should not be used for hashing passwords. Once all logins have been migrated to using the new hashing function for their password, you can remove the old hashing function.

Below is a copy of the old hashPassword function if you need it.

// Assumes the Deno std hex encoder that returns a Uint8Array; <std-version> is a placeholder for the pinned std version (not shown here).
import { encode as encodeHex } from "https://deno.land/std@<std-version>/encoding/hex.ts";

// Legacy hash: hex(SHA-256(password + ":" + salt)). Kept only so existing logins
// can be verified during migration; not for hashing new passwords.
async function hashPasswordSHA256(password: string, salt?: string): Promise<string> {
  // The salt, when present, is appended with a ":" separator before hashing.
  const data = (new TextEncoder()).encode(
    password + (salt ? `:${salt}` : ""),
  );
  const buffer = await crypto.subtle.digest("SHA-256", data);
  // encodeHex yields the hex string as bytes; decode them into a JS string.
  return (new TextDecoder()).decode(encodeHex(new Uint8Array(buffer)));
}
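The lazy migration described in the comment above, as an added example that is not the project's code: each stored credential carries an `algorithm` tag, a login is verified with whichever algorithm applies, and a successful legacy login is rehashed with PBKDF2 on the spot. The `StoredCredential` shape, the PBKDF2 output format and iteration count are assumptions, and `node:crypto` (which Deno also exposes under the `node:` specifier) is used so both hashes run synchronously.

```typescript
// Added example, not the project's code. Assumes node:crypto is available.
import { createHash, pbkdf2Sync, randomBytes, timingSafeEqual } from "node:crypto";

// Legacy format, matching the old hashPasswordSHA256: hex(SHA-256(password + ":" + salt)).
export function hashPasswordSHA256Sync(password: string, salt?: string): string {
  return createHash("sha256")
    .update(password + (salt ? `:${salt}` : ""))
    .digest("hex");
}

// Assumed new format: "pbkdf2:<iterations>:<saltHex>:<hashHex>" (the PR's real
// output format and iteration count are not shown on the page).
export const PBKDF2_ITERATIONS = 100_000;
export function hashPasswordPBKDF2(
  password: string, salt: Buffer = randomBytes(16), iterations = PBKDF2_ITERATIONS,
): string {
  const hash = pbkdf2Sync(password, salt, iterations, 32, "sha256");
  return `pbkdf2:${iterations}:${salt.toString("hex")}:${hash.toString("hex")}`;
}

export interface StoredCredential {
  algorithm: "sha256" | "pbkdf2";
  hash: string;
  salt?: string; // only the legacy format keeps the salt outside the hash string
}

// Verifies a login against either format. A successful legacy login returns a
// rehashed PBKDF2 credential that the caller should persist; a failed login
// never triggers a rehash.
export function verifyAndMigrate(
  cred: StoredCredential, password: string,
): { ok: boolean; cred: StoredCredential } {
  if (cred.algorithm === "pbkdf2") {
    const [, iters, saltHex, hashHex] = cred.hash.split(":");
    const expected = Buffer.from(hashHex, "hex");
    const actual = pbkdf2Sync(password, Buffer.from(saltHex, "hex"), Number(iters), expected.length, "sha256");
    return { ok: timingSafeEqual(actual, expected), cred };
  }
  // Legacy path: constant-time compare, then upgrade the stored hash.
  const expected = Buffer.from(cred.hash, "hex");
  const actual = Buffer.from(hashPasswordSHA256Sync(password, cred.salt), "hex");
  if (expected.length !== actual.length || !timingSafeEqual(actual, expected)) {
    return { ok: false, cred };
  }
  return { ok: true, cred: { algorithm: "pbkdf2", hash: hashPasswordPBKDF2(password) } };
}
```

Once every stored credential reports `algorithm: "pbkdf2"`, the legacy branch and `hashPasswordSHA256Sync` can be deleted.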