api/lib/password.ts

import * as argon2 from 'argon2';

/**
 * Hashes a password using Argon2id.
 * Uses Bun.password if available, otherwise falls back to argon2 npm package.
 * @param password The plain-text password to hash.
 * @returns A promise that resolves to the hashed password.
 * @throws Will throw an error if hashing fails.
 */
export async function hash(password: string): Promise<string> {
    try {
        // Try Bun's native password hashing first (uses Argon2)
        if (typeof Bun !== 'undefined' && Bun.password) {
            return await Bun.password.hash(password);
        }

        // Fallback to argon2 npm package (Argon2id)
        return await argon2.hash(password, {
            type: argon2.argon2id,
            memoryCost: 65536, // 64 MB
            timeCost: 3,
            parallelism: 4,
        });
    } catch (error) {
        console.error('Error during password hashing:', error);
        throw new Error('Error hashing the password.');
    }
}

/**
 * Compares a plain-text password with a hash.
 * @param password The plain-text password to compare.
 * @param storedHash The hash to compare against.
 * @returns A promise that resolves to true if the password matches the hash, otherwise false.
 */
export async function compare(password: string, storedHash: string): Promise<boolean> {
    try {
        // Try Bun's native password verification first
        if (typeof Bun !== 'undefined' && Bun.password) {
            return await Bun.password.verify(password, storedHash);
        }

        // Fallback to argon2 npm package
        return await argon2.verify(storedHash, password);
    } catch (error) {
        console.error('Error during password comparison:', error);
        return false;
    }
}
feat: rebrand Hemmelig to paste.es for cloudhost.es - Set Spanish as default language with ephemeral/encrypted privacy focus - Translate all user-facing strings and legal pages to Spanish - Replace Norwegian flag with Spanish flag in footer - Remove Hemmelig/terces.cloud links, add cloudhost.es sponsorship - Rewrite PrivacyPage: zero data collection, ephemeral design emphasis - Rewrite TermsPage: Spanish law, RGPD, paste.es/CloudHost.es references - Update PWA manifest, HTML meta tags, package.json branding - Rename webhook headers to X-Paste-Event / X-Paste-Signature - Update API docs title and contact to paste.es / cloudhost.es Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-02-24 09:30:19 +01:00			`import * as argon2 from 'argon2';`

			`/**`
			`* Hashes a password using Argon2id.`
			`* Uses Bun.password if available, otherwise falls back to argon2 npm package.`
			`* @param password The plain-text password to hash.`
			`* @returns A promise that resolves to the hashed password.`
			`* @throws Will throw an error if hashing fails.`
			`*/`
			`export async function hash(password: string): Promise<string> {`
			`try {`
			`// Try Bun's native password hashing first (uses Argon2)`
			`if (typeof Bun !== 'undefined' && Bun.password) {`
			`return await Bun.password.hash(password);`
			`}`

			`// Fallback to argon2 npm package (Argon2id)`
			`return await argon2.hash(password, {`
			`type: argon2.argon2id,`
			`memoryCost: 65536, // 64 MB`
			`timeCost: 3,`
			`parallelism: 4,`
			`});`
			`} catch (error) {`
			`console.error('Error during password hashing:', error);`
			`throw new Error('Error hashing the password.');`
			`}`
			`}`

			`/**`
			`* Compares a plain-text password with a hash.`
			`* @param password The plain-text password to compare.`
			`* @param storedHash The hash to compare against.`
			`* @returns A promise that resolves to true if the password matches the hash, otherwise false.`
			`*/`
			`export async function compare(password: string, storedHash: string): Promise<boolean> {`
			`try {`
			`// Try Bun's native password verification first`
			`if (typeof Bun !== 'undefined' && Bun.password) {`
			`return await Bun.password.verify(password, storedHash);`
			`}`

			`// Fallback to argon2 npm package`
			`return await argon2.verify(storedHash, password);`
			`} catch (error) {`
			`console.error('Error during password comparison:', error);`
			`return false;`
			`}`
			`}`