Use scrypt for api keys (#33)

2024-06-27 07:42:13 +10:00
parent 1beced823e
commit 57fcfbc9b6
10 changed files with 219 additions and 113 deletions
--- a/apps/web/src/server/crypto.ts
+++ b/apps/web/src/server/crypto.ts
@@ -0,0 +1,19 @@
+import { randomBytes, scryptSync } from "crypto";
+
+export const createSecureHash = async (key: string) => {
+  const data = new TextEncoder().encode(key);
+  const salt = randomBytes(16).toString("hex");
+
+  const derivedKey = scryptSync(data, salt, 64);
+
+  return `${salt}:${derivedKey.toString("hex")}`;
+};
+
+export const verifySecureHash = async (key: string, hash: string) => {
+  const data = new TextEncoder().encode(key);
+
+  const [salt, storedHash] = hash.split(":");
+  const derivedKey = scryptSync(data, String(salt), 64);
+
+  return storedHash === derivedKey.toString("hex");
+};