Edit this page

Password Field

Stores a String in the model.

Displayed as a password field in the Admin UI, with a ‘change’ button.

Passwords are automatically encrypted with bcrypt, and expose a method to compare a string to the encrypted hash.

Note: The encryption happens with a pre-save hook added to the schema, so passwords set will not be encrypted until an item has been saved to the database.

Example

{ type: Types.Password }

Options

workFactor Number

The bcrypt workfactor to use when generating the hash, higher numbers are slower but more secure (defaults to 10).

complexity Object

Allows to set complexity requirements:

  • digitChar Boolean - when set to true, requires at least one digit
  • spChar Boolean - when set to true, requires at least one from the following special characters: !, @, #, $, %, ^, &, *, (, ), +
  • asciiChar Boolean - when set to true, allows only ASCII characters (from range U+0020—U+007E)
  • lowChar Boolean - when set to true, requires at least one lower case character
  • upperChar Boolean - when set to true, requires at least one upper case character

Example

{ type: Types.Password, complexity: { digitChar: true, asciiChar: true } }

max Number

Sets the maximum password length; defaults to 72, in accordance with bcrypt, which truncates the password to the first 72 bytes.

Can be set to false to disable the max length.

Note: Disabling max or setting its value to >72 does not override the bcrypt specification.

min Number

Defines the minimum password length; disabled by default.

Underscore methods

compare(candidate, callback) - encrypts the candidate and compares it against the encrypted hash

  • candidate String to compare
  • callback(err, result) - result is true if the candidate matches the stored password, or false if it doesn’t

Special paths

{path}_compare - when provided to the updateHandler, it will be checked against {path} and validation will fail if they don’t match.