refactor(auth): replace bcrypt with much better password hashing algorithm built into node crypto module for password hashing and validation

AdityaKirad · AdityaKirad · commit 0d03e30f3410 · 2025-06-09T21:11:39.000+05:30
refactor(validation): update password schema to reflect scrypt limits
refactor(tests): use crypto for password hashing in test utilities
diff --git a/app/utils/auth.server.ts b/app/utils/auth.server.ts
@@ -1,6 +1,5 @@
-import crypto from 'node:crypto'
+import crypto from 'crypto'
 import { type Connection, type Password, type User } from '@prisma/client'
-import bcrypt from 'bcryptjs'
 import { redirect } from 'react-router'
 import { Authenticator } from 'remix-auth'
 import { safeRedirect } from 'remix-utils/safe-redirect'
@@ -11,6 +10,14 @@ import { type ProviderUser } from './providers/provider.ts'
 import { authSessionStorage } from './session.server.ts'
 import { uploadProfileImage } from './storage.server.ts'
 
+const SCRYPT_PARAMS = {
+	N: 2 ** 14,
+	r: 16,
+	p: 1,
+	keyLength: 64,
+	saltLength: 16,
+}
+
 export const SESSION_EXPIRATION_TIME = 1000 * 60 * 60 * 24 * 30
 export const getSessionExpirationDate = () =>
 	new Date(Date.now() + SESSION_EXPIRATION_TIME)
@@ -231,8 +238,9 @@ export async function logout(
 }
 
 export async function getPasswordHash(password: string) {
-	const hash = await bcrypt.hash(password, 10)
-	return hash
+	const salt = crypto.randomBytes(SCRYPT_PARAMS.saltLength).toString('hex')
+	const hash = await generateKey(password, salt)
+	return `${salt}:${hash.toString('hex')}`
 }
 
 export async function verifyUserPassword(
@@ -244,11 +252,16 @@ export async function verifyUserPassword(
 		select: { id: true, password: { select: { hash: true } } },
 	})
 
-	if (!userWithPassword || !userWithPassword.password) {
-		return null
-	}
+	if (!userWithPassword || !userWithPassword.password) return null
 
-	const isValid = await bcrypt.compare(password, userWithPassword.password.hash)
+	const [salt, key] = userWithPassword.password.hash.split(':')
+
+	if (!key || !salt) return null
+
+	const isValid = crypto.timingSafeEqual(
+		Buffer.from(key, 'hex'),
+		await generateKey(password, salt),
+	)
 
 	if (!isValid) {
 		return null
@@ -292,3 +305,25 @@ export async function checkIsCommonPassword(password: string) {
 		return false
 	}
 }
+
+async function generateKey(
+	password: string,
+	salt: string,
+): Promise<Buffer<ArrayBufferLike>> {
+	return new Promise<Buffer<ArrayBufferLike>>((resolve, reject) => {
+		crypto.scrypt(
+			password.normalize('NFKC'),
+			salt,
+			SCRYPT_PARAMS.keyLength,
+			{
+				N: SCRYPT_PARAMS.N,
+				r: SCRYPT_PARAMS.r,
+				p: SCRYPT_PARAMS.p,
+			},
+			(err, key) => {
+				if (err) reject(err)
+				else resolve(key)
+			},
+		)
+	})
+}
diff --git a/app/utils/user-validation.ts b/app/utils/user-validation.ts
@@ -16,11 +16,8 @@ export const UsernameSchema = z
 export const PasswordSchema = z
 	.string({ required_error: 'Password is required' })
 	.min(6, { message: 'Password is too short' })
-	// NOTE: bcrypt has a limit of 72 bytes (which should be plenty long)
-	// https://github.com/epicweb-dev/epic-stack/issues/918
-	.refine((val) => new TextEncoder().encode(val).length <= 72, {
-		message: 'Password is too long',
-	})
+	// scrypt has no such limit unlike bcrypt which has 72 bytes limit
+	.max(100, { message: 'Password is too long' })
 
 export const NameSchema = z
 	.string({ required_error: 'Name is required' })
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -72,7 +72,6 @@
     "@tailwindcss/vite": "^4.1.5",
     "@tusbar/cache-control": "1.0.2",
     "address": "^2.0.3",
-    "bcryptjs": "^3.0.2",
     "class-variance-authority": "^0.7.1",
     "close-with-grace": "^2.2.0",
     "clsx": "^2.1.1",
diff --git a/tests/db-utils.ts b/tests/db-utils.ts
@@ -1,5 +1,5 @@
+import crypto from 'crypto'
 import { faker } from '@faker-js/faker'
-import bcrypt from 'bcryptjs'
 import { UniqueEnforcer } from 'enforce-unique'
 
 const uniqueUsernameEnforcer = new UniqueEnforcer()
@@ -30,8 +30,14 @@ export function createUser() {
 }
 
 export function createPassword(password: string = faker.internet.password()) {
+	const salt = crypto.randomBytes(16).toString('hex')
+	const hash = crypto.scryptSync(password, salt, 64, {
+		N: 2 ** 14,
+		r: 16,
+		p: 1,
+	})
 	return {
-		hash: bcrypt.hashSync(password, 10),
+		hash: `${salt}:${hash.toString('hex')}`,
 	}
 }
 

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
	`1`	`+import crypto from 'crypto'`
`1`	`2`	`import { faker } from '@faker-js/faker'`
`2`		`-import bcrypt from 'bcryptjs'`
`3`	`3`	`import { UniqueEnforcer } from 'enforce-unique'`
`4`	`4`
`5`	`5`	`const uniqueUsernameEnforcer = new UniqueEnforcer()`
`@@ -30,8 +30,14 @@ export function createUser() {`
`30`	`30`	`}`
`31`	`31`
`32`	`32`	`export function createPassword(password: string = faker.internet.password()) {`
	`33`	`+ const salt = crypto.randomBytes(16).toString('hex')`
	`34`	`+ const hash = crypto.scryptSync(password, salt, 64, {`
	`35`	`+ N: 2 ** 14,`
	`36`	`+ r: 16,`
	`37`	`+ p: 1,`
	`38`	`+ })`
`33`	`39`	`return {`
`34`		`- hash: bcrypt.hashSync(password, 10),`
	`40`	+ hash: `${salt}:${hash.toString('hex')}`,
`35`	`41`	`}`
`36`	`42`	`}`
`37`	`43`