Add CLI script

Author: tjconcept

README.md

@@ -102,6 +102,48 @@ Warning: Decreasing `keyLength` or `work` can make your password database less s
 * @return {Object} credential object
 
 
+## CLI
+
+```shell
+$ credential --help
+
+  Usage: cmd [options] [command]
+
+
+  Commands:
+
+    hash [options] [password]  Hash password
+    verify [hash] <password>   Verify password
+
+  Options:
+
+    -h, --help  output usage information
+```
+
+```shell
+$ credential hash --help
+
+  Usage: hash [options] [password]
+
+  Hash password
+
+  Options:
+
+    -h, --help                    output usage information
+    -w --work <work>              relative work load (0.5 for half the work)
+    -k --key-length <key-length>  length of salt
+```
+
+The `password` argument for `hash` and the `hash` argument for `verify` both support piping by replacing with a dash (`-`):
+
+```shell
+$ echo -n "my password" | credential hash - | credential verify - "my password"
+Verified
+```
+
+Exit codes `0` and `1` is used to communicate verified or invalid as well.
+
+
 ## Motivation
 
 Several other libraries claim to do the same thing, but fall short. Several fail to use cryptographically secure salts, which make salt guessing possible. Others fail to use either a long enough salt, or a long enough hash. The salt should be the same size as the hash. No shorter, and no longer.

bin/cmd.js

@@ -0,0 +1,53 @@
+#!/usr/bin/env node
+'use strict';
+
+var program = require('commander');
+var pluck = require('pluck-keys');
+var credential = require('../credential');
+
+var stdin = '';
+
+program
+	.command('hash [password]')
+	.description('Hash password')
+	.option('-w --work <work>', 'relative work load (0.5 for half the work)', Number)
+	.option('-k --key-length <key-length>', 'length of salt', Number)
+	.action(function( password, options ){
+		credential.configure(pluck([
+			'keyLength',
+			'hashMethod',
+			'work'
+		], options));
+
+		credential.hash(stdin || password, function( err, result ){
+			if (err)
+				return console.error(err);
+
+			console.log(result);
+		});
+	});
+
+program
+	.command('verify [hash] <password>')
+	.description('Verify password')
+	.action(function( hash, password ){
+		credential.verify(stdin || hash, password, function( err, result ){
+			if (err)
+				return console.error(err);
+
+			console.log(result ? 'Verified' : 'Invalid');
+			process.exit(result ? 0 : 1);
+		});
+	});
+
+if (process.stdin.isTTY) {
+	program.parse(process.argv);
+} else {
+	process.stdin.on('readable', function(){
+		stdin += this.read() || '';
+	});
+
+	process.stdin.on('end', function(){
+		program.parse(process.argv);
+	});
+}

package.json

@@ -4,10 +4,16 @@
   "description": "Easy password hashing and verification in Node. Protects against brute force, rainbow tables, and timing attacks.",
   "main": "credential.js",
   "directories": {
-    "test": "test"
+    "test": "test",
+    "bin": "bin"
+  },
+  "bin": {
+    "credential": "bin/cmd.js"
   },
   "dependencies": {
-    "mout": "~0.6.0"
+    "mout": "~0.6.0",
+    "commander": "^2.8.1",
+    "pluck-keys": "^0.0.4"
   },
   "devDependencies": {
     "babel": "^5.6.14",