Available in JavaScript Ruby Python Java PHP CoffeeScript Go and for Node.js .NET
Generate hashes (like YouTube or Bitly) from numbers to obfuscate your database IDs, or navigate to the right shard.
Hashids was designed for use in URL shortening, tracking stuff, validating accounts or making pages private (through abstraction). Instead of showing items as 1, 2, or 3, you could show them as b9iLXiAa, EATedTBy, and Aaco9cy5. Hashes change depending on your salt value.
Hashids was designed for use in URL shortening, tracking stuff, validating accounts or making pages private (through abstraction). Instead of showing items as 1, 2, or 3, you could show them as b9iLXiAa, EATedTBy, and Aaco9cy5. Hashes change depending on your salt value.
This algorithm tries to satisfy 4 requirements:
| Name | Description | ||
|---|---|---|---|
| 1 | salt | optional | Custom value that will make your hashes unique to your salt. If salt is changed, your hashes cannot be decrypted properly. Empty string by default. |
| 2 | min_hash_length | optional | Minimum hash length to set for your hashes. Default is 0, meaning your hashes will be the shortest possible. |
| 3 | alphabet | optional | Custom alphabet to set for your hashes. By default it's set to lower case letters, upper case letters, and numbers. |
/* using custom salt value */
var hashids = new Hashids("this is my salt");
var hash1 = hashids.encrypt(1), /* LX */
hash2 = hashids.encrypt(2), /* ed */
hash3 = hashids.encrypt(3), /* o9 */
hash4 = hashids.encrypt(1, 2, 3), /* eGtrS8 */
hash5 = hashids.encrypt(5, 5, 5, 5, 5), /* 8bsBI4U5tj */
hash6 = hashids.encrypt(0, 0, 1); /* nrUKF7 */
/* setting minimum hash length */
var hashidsMinLength = new Hashids("this is my salt", 16);
var hash1 = hashidsMinLength.encrypt(1), /* AA6Fb9iLXiAaBFB5 */
hash2 = hashidsMinLength.encrypt(1, 2, 3); /* rIgkTeGtrS8cbRrI */
/* setting custom alphabet */
var hashidsCustom = new Hashids("this is my salt", 0, "ABCDEFGHIJKLMNOPQR");
var hash1 = hashidsCustom.encrypt(1234), /* ROFF */
hash2 = hashidsCustom.encrypt(5678); /* ANDID */
/* using correct salt value */
var hashids = new Hashids("this is my salt");
var numbers1 = hashids.decrypt("eGtrS8"), /* [1, 2, 3] */
numbers2 = hashids.decrypt("8bsBI4U5tj"); /* [5, 5, 5, 5, 5] */
/* using incorrect salt value */
var hashids = new Hashids("this is my pepper");
var numbers1 = hashids.decrypt("eGtrS8"), /* [] */
numbers2 = hashids.decrypt("8bsBI4U5tj"); /* [] */
If you are using a relational database, you could store hashes for each row, so you could select by them. But then you'd need to index them to speed up reads.
Since all primary keys are already indexed, you could instead encrypt/decrypt your primary keys on the fly and select by those.
If you have a complex clustered system, you could encrypt several numbers at once. For example, your shard number and your primary key 2, 1337 and turn them into a single hash: zKIa5e.
This code was written with the intent of placing created hashes in visible places - like the URL. Which makes it unfortunate if generated hashes accidentally formed a bad word.
Therefore, the algorithm tries to avoid generating most common English curse words. This is done by never placing the following letters next to each other:
c, C, s, S, f, F, h, H, u, U, i, I, t, T
There are no hash collisions if you use constructor parameters consistently. In other words, once you've started generating hashes, don't change your salt or the alphabet.
A true cryptographic hash cannot be decrypted. However, to keep things simple the word hash is used loosely to refer to the random set of characters that are generated. Take a deep breath, relax. It's only a name :]
Hashids is under MIT License — use it in commercial or open-source projects.
Don't break the Internet.