JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 250748
  • Score
    100M100P100Q197860F
  • License MIT

A small Node.js class to generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.

Package Exports

  • hashids

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (hashids) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

hashids

A small Node.js class to generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.

http://www.hashids.org/node-js/

What is it?

hashids (Hash ID's) creates short, unique, decryptable hashes from unsigned integers.

It was designed for websites to use in URL shortening, tracking stuff, or making pages private (or at least unguessable).

This algorithm tries to satisfy the following requirements:

  1. Hashes must be unique and decryptable.
  2. They should be able to contain more than one integer (so you can use them in complex or clustered systems).
  3. You should be able to specify minimum hash length.
  4. Hashes should not contain basic English curse words (since they are meant to appear in public places - like the URL).

Instead of showing items as 1, 2, or 3, you could show them as U6dc, u87U, and HMou. You don't have to store these hashes in the database, but can encrypt + decrypt on the fly.

All integers need to be greater than or equal to zero.

Installation

  1. Grab Node.js and install if you haven't already: http://nodejs.org/download/

  2. Install using npm:

    npm install hashids

Usage

Encrypting one number

You can pass a unique salt value so your hashes differ from everyone else's. I use "this is my salt" as an example.

var hashids = require("hashids"),
    hashes = new hashids("this is my salt");

var hash = hashes.encrypt(12345);

hash is now going to be:

ryKo

Decrypting

Notice during decryption, same salt value is used:

var hashids = require("hashids"),
    hashes = new hashids("this is my salt");

var numbers = hashes.decrypt("ryKo");

numbers is now going to be:

[ 12345 ]

Decrypting with different salt

Decryption will not work if salt is changed:

var hashids = require("hashids"),
    hashes = new hashids("this is my pepper");

var numbers = hashes.decrypt("ryKo");

numbers is now going to be:

[]

Encrypting several numbers

var hashids = require("hashids"),
    hashes = new hashids("this is my salt");

var hash = hashes.encrypt(683, 94108, 123, 5);

hash is now going to be:

zKphM54nuAyu5

Decrypting is done the same way

var hashids = require("hashids"),
    hashes = new hashids("this is my salt");

var numbers = hashes.decrypt("zKphM54nuAyu5");

numbers is now going to be:

[ 683, 94108, 123, 5 ]

Encrypting and specifying minimum hash length

Here we encrypt integer 1, and set the minimum hash length to 8 (by default it's 0 -- meaning hashes will be the shortest possible length).

var hashids = require("hashids"),
    hashes = new hashids("this is my salt", 8);

var hash = hashes.encrypt(1);

hash is now going to be:

rjiMRirL

Decrypting

var hashids = require("hashids"),
    hashes = new hashids("this is my salt", 8);

var numbers = hashes.decrypt("rjiMRirL");

numbers is now going to be:

[ 1 ]

Specifying custom hash alphabet

Here we set the alphabet to consist of only four letters: "abcd"

var hashids = require("hashids"),
    hashes = new hashids("this is my salt", 0, "abcd");

var hash = hashes.encrypt(1, 2, 3, 4, 5);

hash is now going to be:

adcdacddcdaacdad

Randomness

The primary purpose of hashids is to obfuscate ids. It's not meant or tested to be used for security purposes or compression. Having said that, this algorithm does try to make these hashes unguessable and unpredictable:

Repeating numbers

var hashids = require("hashids"),
    hashes = new hashids("this is my salt");

var hash = hashes.encrypt(5, 5, 5, 5);

You don't see any repeating patterns that might show there's 4 identical numbers in the hash:

GMh5SAt9

Same with incremented numbers:

var hashids = require("hashids"),
    hashes = new hashids("this is my salt");

var hash = hashes.encrypt(1, 2, 3, 4, 5, 6, 7, 8, 9, 10);

hash will be :

zEUzHySGIpuyhpF6Tasj

Incrementing number hashes:

var hashids = require("hashids"),
    hashes = new hashids("this is my salt");

var hash1 = hashes.encrypt(1), /* MR */
    hash2 = hashes.encrypt(2), /* ed */
    hash3 = hashes.encrypt(3), /* o9 */
    hash4 = hashes.encrypt(4), /* 4n */
    hash5 = hashes.encrypt(5); /* a5 */

Speed

Even though speed is an important factor of every hashing algorithm, primary goal here was encoding several numbers at once and making the hash unique and random.

With Node 0.8.8, on a 2.7 GHz Intel Core i7 with 16GB of RAM, it takes roughly 0.08 seconds to:

  1. Encrypt 1000 hashes consisting of 1 integer hashids.encrypt(12);
  2. And decrypt these 1000 hashes back into integers hashids.decrypt(hash); while ensuring they are valid

If we do the same with 3 integers, for example: hashids.encrypt(10, 11, 12); -- the number jumps up to 0.13 seconds on the same machine.

Sidenote: The numbers tested with were relatively small -- if you increase them, the speed will obviously decrease.

What you could do to speed it up

Usually people either encrypt or decrypt one hash per request, so the algorithm should already be fast enough for that. However, there are still several things you could do:

  1. If you are generating a lot of hashes at once, wrap this class in your own so you can cache hashes.
  2. Use MongoDB or Redis.
  3. You could also decrease the length of your alphabet. Your hashes will become longer, but calculating them will be faster.

Bad hashes

I wrote this class with the intent of placing these hashes in visible places - like the URL. If I create a unique hash for each user, it would be unfortunate if the hash ended up accidentally being a bad word. Imagine auto-creating a URL with hash for your user that looks like this - http://example.com/user/a**hole

Therefore, this algorithm tries to avoid generating most common English curse words with the default alphabet. This is done by never placing the following letters next to each other:

c, C, s, S, f, F, h, H, u, U, i, I, t, T

Changelog

0.1.2 - Current Stable

Warning: If you are using 0.1.1 or below, updating to this version will change your hashes.
  • Minimum hash length can now be specified
  • Added more randomness to hashes
  • Added unit tests
  • Added example files
  • Changed warnings that can be thrown
  • Renamed encode/decode to encrypt/decrypt
  • Consistent shuffle does not depend on md5 anymore
  • Speed improvements

0.1.1

  • Speed improvements
  • Bug fixes

0.1.0

  • First commit

Contact

Follow me @IvanAkimov

Or http://ivanakimov.com

License

MIT License. See the LICENSE file.