diff --git a/backend/package.json b/backend/package.json index fd52f86..e5bd261 100644 --- a/backend/package.json +++ b/backend/package.json @@ -28,7 +28,6 @@ "@nestjs/platform-express": "^10.0.0", "@nestjs/swagger": "^7.3.1", "@nestjs/typeorm": "^10.0.2", - "bcrypt": "^5.1.1", "class-transformer": "^0.5.1", "class-validator": "^0.14.1", "install": "^0.13.0", @@ -45,7 +44,7 @@ "@nestjs/cli": "^10.0.0", "@nestjs/schematics": "^10.0.0", "@nestjs/testing": "^10.0.0", - "@types/bcrypt": "^5.0.2", + "@types/argon2": "^0.15.0", "@types/express": "^4.17.17", "@types/jest": "^29.5.2", "@types/node": "^20.3.1", diff --git a/backend/pnpm-lock.yaml b/backend/pnpm-lock.yaml index 3c8ea11..94eb8cd 100644 --- a/backend/pnpm-lock.yaml +++ b/backend/pnpm-lock.yaml @@ -76,6 +76,9 @@ devDependencies: '@nestjs/testing': specifier: ^10.0.0 version: 10.3.7(@nestjs/common@10.3.7)(@nestjs/core@10.3.7)(@nestjs/platform-express@10.3.7) + '@types/argon2': + specifier: ^0.15.0 + version: 0.15.0 '@types/bcrypt': specifier: ^5.0.2 version: 5.0.2 @@ -1200,6 +1203,11 @@ packages: transitivePeerDependencies: - encoding + /@phc/format@1.0.0: + resolution: {integrity: sha512-m7X9U6BG2+J+R1lSOdCiITLLrxm+cWlNI3HUFA92oLO77ObGNzaKdh8pMLqdZcshtkKuV84olNNXDfMc4FezBQ==} + engines: {node: '>=10'} + dev: true + /@pkgjs/parseargs@0.11.0: resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} engines: {node: '>=14'} @@ -1243,6 +1251,13 @@ packages: /@tsconfig/node16@1.0.4: resolution: {integrity: sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==} + /@types/argon2@0.15.0: + resolution: {integrity: sha512-AKQ8LR6bgmNHF7vhIQjD4EEbxITc1+1sTS9OKvkT5SaTfKw9OhFFExriod+H92biWIm23k7UT5VcF5ja9D+FIg==} + deprecated: This is a stub types definition for Argon2 (https://github.com/ranisalt/node-argon2). Argon2 provides its own type definitions, so you don't need @types/argon2 installed! + dependencies: + argon2: 0.40.1 + dev: true + /@types/babel__core@7.20.5: resolution: {integrity: sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==} dependencies: @@ -1855,6 +1870,16 @@ packages: /arg@4.1.3: resolution: {integrity: sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==} + /argon2@0.40.1: + resolution: {integrity: sha512-DjtHDwd7pm12qeWyfihHoM8Bn5vGcgH6sKwgPqwNYroRmxlrzadHEvMyuvQxN/V8YSyRRKD5x6ito09q1e9OyA==} + engines: {node: '>=16.17.0'} + requiresBuild: true + dependencies: + '@phc/format': 1.0.0 + node-addon-api: 7.1.0 + node-gyp-build: 4.8.1 + dev: true + /argparse@1.0.10: resolution: {integrity: sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==} dependencies: @@ -4359,6 +4384,11 @@ packages: resolution: {integrity: sha512-eh0GgfEkpnoWDq+VY8OyvYhFEzBk6jIYbRKdIlyTiAXIVJ8PyBaKb0rp7oDtoddbdoHWhq8wwr+XZ81F1rpNdA==} dev: false + /node-addon-api@7.1.0: + resolution: {integrity: sha512-mNcltoe1R8o7STTegSOHdnJNN7s5EUvhoS7ShnTHDyOSd+8H+UdWODq6qSv67PjC8Zc5JRT8+oLAMCr0SIXw7g==} + engines: {node: ^16 || ^18 || >= 20} + dev: true + /node-emoji@1.11.0: resolution: {integrity: sha512-wo2DpQkQp7Sjm2A0cq+sN7EHKO6Sl0ctXeBdFZrL9T9+UywORbufTcTZxom8YqpLQt/FqNMUkOpkZrJVYSKD3A==} dependencies: @@ -4376,6 +4406,11 @@ packages: dependencies: whatwg-url: 5.0.0 + /node-gyp-build@4.8.1: + resolution: {integrity: sha512-OSs33Z9yWr148JZcbZd5WiAXhh/n9z8TxQcdMhIOlpN9AhWpLfvVFO73+m77bBABQMaY9XSvIa+qk0jlI7Gcaw==} + hasBin: true + dev: true + /node-int64@0.4.0: resolution: {integrity: sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==} dev: true diff --git a/backend/src/modules/auth-module/services/encryption.service.ts b/backend/src/modules/auth-module/services/encryption.service.ts index 2533b64..79182e7 100644 --- a/backend/src/modules/auth-module/services/encryption.service.ts +++ b/backend/src/modules/auth-module/services/encryption.service.ts @@ -1,13 +1,21 @@ import { Injectable } from '@nestjs/common'; -import * as bcrypt from 'bcrypt'; +import * as argon2 from 'argon2'; +import { Options } from 'argon2'; @Injectable() export class EncryptionService { + private hashOptions: Options = { + type: argon2.argon2id, + memoryCost: 2 ** 16, + timeCost: 3, + parallelism: 1, + }; + public async hashData(data: string): Promise { - return bcrypt.hash(data, 10); + return await argon2.hash(data, this.hashOptions); } public async compareHash(data: string, encrypted: string): Promise { - return bcrypt.compare(data, encrypted); + return await argon2.verify(encrypted, data); } }