Skip to content
VeloxTS

Password Hashing

VeloxTS provides secure password hashing utilities.

Quick Usage

Section titled “Quick Usage”
import { hashPassword, verifyPassword } from '@veloxts/auth';


// Hash password
const hash = await hashPassword('user-password');


// Verify password
const isValid = await verifyPassword('user-password', hash);

Registration

Section titled “Registration”
register: procedure()
  .input(z.object({
    email: z.string().email(),
    password: z.string().min(8),
  }))
  .mutation(async ({ input, ctx }) => {
    const passwordHash = await hashPassword(input.password);


    return ctx.db.user.create({
      data: {
        email: input.email,
        passwordHash,
      },
    });
  }),

Login

Section titled “Login”
login: procedure()
  .input(z.object({
    email: z.string().email(),
    password: z.string(),
  }))
  .mutation(async ({ input, ctx }) => {
    const user = await ctx.db.user.findUnique({
      where: { email: input.email },
    });


    if (!user) {
      throw new Error('Invalid credentials');
    }


    const isValid = await verifyPassword(input.password, user.passwordHash);


    if (!isValid) {
      throw new Error('Invalid credentials');
    }


    // Generate tokens or create session
    return { user };
  }),

Algorithm

Section titled “Algorithm”

VeloxTS uses Argon2id by default (falls back to bcrypt if unavailable).

Next Steps

Section titled “Next Steps”