+-------------------+------------------------+
| https://yoursite.com |
+-------------------+------------------------+
| | |
+-----------------+-----------------+-----------------+
| (DEVICE A) | (DEVICE B) | (DEVICE C) |
| device-specific | device-specific | device-specific |
| fingerprint | fingerprint | fingerprint |
+-----------------+-----------------+-----------------+
A lightweight JavaScript/TypeScript package that generates device-specific hashed fingerprints for devices in both browser and server environments. The library allows customization of what data is included in the fingerprint, with options for saving the hash in cookies, passing headers for server-side use, and providing the user's IP directly.
hashed-device-fingerprint-js generates fingerprints using device data like [screenResolution, platform, concurrency, userIP] by default, with userAgent and language disabled. You can add customData (e.g., userID) to make the array [screenResolution, platform, concurrency, userIP, customData] (e.g. [1920x1080, Windows, 4 cores, 203.0.113.45, user-12345]), ensures a consistent generated same hash across browsers on the same device.
- A real-world example: Limiting sharing by detecting multiple devices accessing a single account.
- A real-world example: preventing fraud by tracking devices creating fake accounts. and more...
- Generate a device-specific fingerprint hash based on:
- User Agent (disabled by default)
- Browser/System Language (disabled by default)
- Screen Resolution (Browser-only)
- Platform (e.g.,
Win32orLinux) - Hardware Concurrency (Browser-only)
- IP Address (with options to pass it manually or fetch automatically)
- Support for browser and server environments:
- Browser: Uses
navigatorandscreenproperties. - Server: Relies on HTTP headers and server-side properties.
- Browser: Uses
- Save the hashed fingerprint in a cookie (browser only) with a customizable expiration time.
- Fully customizable: enable or disable specific data points.
- Compatible with both
require(CommonJS) andimport(ES Modules).
Install the package using npm:
npm install hashed-device-fingerprint-js
Install the package using yarn:
yarn add hashed-device-fingerprint-js
By default, all options are enabled (userAgent and language disabled). The library generates a fingerprint hash using all available device data and automatically fetches the user's IP address.
import { generateHashedFingerprint } from 'hashed-device-fingerprint-js';
generateHashedFingerprint()
.then(hash => console.log('Fingerprint Hash:', hash))
.catch(error => console.error('Error:', error));In a Server environment, pass HTTP headers to generate a fingerprint. Use the environment option to specify the server-side environment.
const { generateHashedFingerprint } = require('hashed-device-fingerprint-js');
// import { generateHashedFingerprint } from 'hashed-device-fingerprint-js';
// Example HTTP headers
const headers = {
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)',
'accept-language': 'en-US,en;q=0.9',
'x-forwarded-for': '203.0.113.45',
};
generateHashedFingerprint({
environment: 'server',
headers,
})
.then(hash => console.log('Fingerprint Hash:', hash))
.catch(error => console.error('Error:', error));Customize the behavior by passing an options object:
generateHashedFingerprint({
useUserAgent: false, // Exclude the user agent (default: true)
useLanguage: false, // Exclude the browser language
useScreenResolution: true, // Include screen resolution (default: true)
usePlatform: true, // Include platform information (default: true)
useConcurrency: true, // Include logical processors (default: true)
useIP: true, // Fetch and include the user's IP (default: true)
userIP: '203.0.113.45', // Provide IP manually (overrides API fetch)
saveToCookie: false, // Do not save the hash in a cookie (default: true)
cookieExpiryDays: 10 // Cookie expiry in days (default: 7)
})
.then(hash => console.log('Custom Fingerprint Hash:', hash))
.catch(error => console.error('Error:', error));The IP address is included in the fingerprint based on these rules:
- If
userIPis provided, it is used directly. - If
userIPis null and useIP is true, the IP is fetched using an external API (https://api64.ipify.org). - If useIP is false, the IP is excluded entirely.
generateHashedFingerprint({ saveToCookie: true })
.then(hash => console.log('Fingerprint saved in cookie:', hash))
.catch(error => console.error('Error:', error));generateHashedFingerprint({ useIP: false })
.then(hash => console.log('Fingerprint without IP:', hash))
.catch(error => console.error('Error:', error));generateHashedFingerprint({ userIP: '203.0.113.45' })
.then(hash => console.log('Fingerprint with manual IP:', hash))
.catch(error => console.error('Error:', error));const { generateHashedFingerprint } = require('hashed-device-fingerprint-js');
// Basic route
app.get('/hash', async (req, res) => {
// Define headers for fingerprint generation
const headers = {
'user-agent': req.headers['user-agent'] || 'Unknown',
'accept-language': req.headers['accept-language'] || 'Unknown',
'x-forwarded-for': req.headers['x-forwarded-for'] || req.connection.remoteAddress || 'Unknown',
};
try {
// Generate the fingerprint hash
const hash = await generateHashedFingerprint({
environment: 'server',
headers,
});
// Log the hash
console.log('Generated Hash:', hash);
// Send the hash as the response
res.send({ hash });
} catch (error) {
// Handle errors
console.error('Error generating fingerprint:', error);
res.status(500).send({ error: 'Failed to generate fingerprint' });
}
});The package includes TypeScript type definitions for all options and methods. Here’s a quick example:
import { generateHashedFingerprint, FingerprintOptions } from 'hashed-device-fingerprint-js';
const options: Partial<FingerprintOptions> = {
saveToCookie: false,
useUserAgent: true,
useIP: true
};
generateHashedFingerprint(options)
.then(hash => console.log('Typed Fingerprint Hash:', hash))
.catch(error => console.error('Error:', error));Errors are thrown as JavaScript Error objects. Use a try-catch block or .catch() to handle them safely:
generateHashedFingerprint()
.then(hash => console.log('Fingerprint Hash:', hash))
.catch(error => {
if (error instanceof Error) {
console.error('Error:', error.message);
} else {
console.error('Unknown Error:', error);
}
});-
saveToCookie- Type:
boolean - Default:
true - Description: Save the generated hash in a cookie.
- Type:
-
cookieExpiryDays- Type:
number - Default:
7 - Description: Number of days before the cookie expires.
- Type:
-
useUserAgent- Type:
boolean - Default:
false - Description: Include the browser's user agent string in the fingerprint.
- Type:
-
useLanguage- Type:
boolean - Default:
false - Description: Include the browser's language setting in the fingerprint.
- Type:
-
useScreenResolution- Type:
boolean - Default:
true - Description: Include the screen's resolution and color depth in the fingerprint.
- Type:
-
usePlatform- Type:
boolean - Default:
true - Description: Include platform information (e.g., "Win32", "MacIntel").
- Type:
-
useConcurrency- Type:
boolean - Default:
true - Description: Include the number of logical processors.
- Type:
-
useIP- Type:
boolean - Default:
true - Description: Fetch and include the user's IP address.
- Type:
-
userIP- Type:
string - Default:
null - Description: Provide an IP address manually (overrides API fetch).
- Type:
-
headers- Type:
Record<string, string[]> - Default:
{} - Description: HTTP headers for server-side fingerprinting.
- Type:
-
environment- Type:
'browser' | 'server' - Default:
Auto-detected - Description: Specify the environment explicitly (e.g.,
'browser'or'server').
- Type:
-
customData- Type:
string - Default:
null - Description: Custom data to include in the fingerprint (e.g.,
UUIDoruser ID).
- Type:
This package is licensed under the MIT License.
- Fork the repository.
- Create a new branch:
git checkout -b feature-name. - Commit your changes:
git commit -m 'Add feature'. - Push to the branch:
git push origin feature-name. - Submit a pull request.
If you encounter any issues or have questions, feel free to open an issue on Repo Issues.
Happy coding! 🚀