A small Java class to generate YouTube-like hashes from one or many numbers.
Ported from javascript hashids.js by Ivan Akimov
hashids (Hash ID's) creates short, unique, decodable hashes from unsigned (long) integers.
It was designed for websites to use in URL shortening, tracking stuff, or making pages private (or at least unguessable).
This algorithm tries to satisfy the following requirements:
- Hashes must be unique and decodable.
- They should be able to contain more than one integer (so you can use them in complex or clustered systems).
- You should be able to specify minimum hash length.
- Hashes should not contain basic English curse words (since they are meant to appear in public places - like the URL).
Instead of showing items as 1
, 2
, or 3
, you could show them as U6dc
, u87U
, and HMou
.
You don't have to store these hashes in the database, but can encode + decode on the fly.
All (long) integers need to be greater than or equal to zero.
hashids is available in Maven Central. If you are using Maven, add the following dependency to your pom.xml's dependencies:
<dependency>
<groupId>org.hashids</groupId>
<artifactId>hashids</artifactId>
<version>1.0.3</version>
</dependency>
Alternatively, if you use gradle or are on android, add the following to your app's build.gradle
file under dependencies:
compile 'org.hashids:hashids:1.0.3'
import org.hashids;
You can pass a unique salt value so your hashes differ from everyone else's. I use "this is my salt" as an example.
Hashids hashids = new Hashids("this is my salt");
String hash = hashids.encode(12345L);
hash
is now going to be:
NkK9
Notice during decoding, same salt value is used:
Hashids hashids = new Hashids("this is my salt");
long[] numbers = hashids.decode("NkK9");
numbers
is now going to be:
[ 12345 ]
Decoding will not work if salt is changed:
Hashids hashids = new Hashids("this is my pepper");
long[] numbers = hashids.decode("NkK9");
numbers
is now going to be:
[]
Hashids hashids = new Hashids("this is my salt");
String hash = hashids.encode(683L, 94108L, 123L, 5L);
hash
is now going to be:
aBMswoO2UB3Sj
Hashids hashids = new Hashids("this is my salt");
long[] numbers = hashids.decode("aBMswoO2UB3Sj");
numbers
is now going to be:
[ 683, 94108, 123, 5 ]
Here we encode integer 1, and set the minimum hash length to 8 (by default it's 0 -- meaning hashes will be the shortest possible length).
Hashids hashids = new Hashids("this is my salt", 8);
String hash = hashids.encode(1L);
hash
is now going to be:
gB0NV05e
Hashids hashids = new Hashids("this is my salt", 8);
long[] numbers = hashids.decode("gB0NV05e");
numbers
is now going to be:
[ 1 ]
Here we set the alphabet to consist of only six letters: "0123456789abcdef"
Hashids hashids = new Hashids("this is my salt", 0, "0123456789abcdef");
String hash = hashids.encode(1234567L);
hash
is now going to be:
b332db5
The primary purpose of hashids is to obfuscate ids. It's not meant or tested to be used for security purposes or compression. Having said that, this algorithm does try to make these hashes unguessable and unpredictable:
Hashids hashids = new Hashids("this is my salt");
String hash = hashids.encode(5L, 5L, 5L, 5L);
You don't see any repeating patterns that might show there's 4 identical numbers in the hash:
1Wc8cwcE
Same with incremented numbers:
Hashids hashids = new Hashids("this is my salt");
String hash = hashids.encode(1L, 2L, 3L, 4L, 5L, 6L, 7L, 8L, 9L, 10L);
hash
will be :
kRHnurhptKcjIDTWC3sx
Hashids hashids = new Hashids("this is my salt");
String hash1 = hashids.encode(1L); /* NV */
String hash2 = hashids.encode(2L); /* 6m */
String hash3 = hashids.encode(3L); /* yD */
String hash4 = hashids.encode(4L); /* 2l */
String hash5 = hashids.encode(5L); /* rD */
I wrote this class with the intent of placing these hashes in visible places - like the URL. If I create a unique hash for each user, it would be unfortunate if the hash ended up accidentally being a bad word. Imagine auto-creating a URL with hash for your user that looks like this - http://example.com/user/a**hole
Therefore, this algorithm tries to avoid generating most common English curse words with the default alphabet. This is done by never placing the following letters next to each other:
c, C, s, S, f, F, h, H, u, U, i, I, t, T
The original and reference implementation is the JS (Hashids Website) version. JS number
limitation is (2^53 - 1)
. Our java implementation uses Long
, but is limited to the same limits JS is, for the sake of compatibility. If a bigger number is provided, an IllegalArgumentException
will be thrown.
Follow me C.C.(@fanweixiao), @IvanAkimov, @0x3333.
MIT License. See the LICENSE
file.