I am using my own authentication and sort of worried about the present security of my API. What would you suggest would be a good way to generate API keys? And what would be a better way to hash the password?
For api keys I would suggest you node-uuid. For hashing passwords - builtin crypto. For api secrets you can also use node-uuid + crypto combined. Something like that (node repl):
> require('node-uuid')()
'5d2962e4-55c8-460c-aa7b-9586905779cb'
> require('crypto').createHash('sha256').update(_).update('salt').digest('hex');
'06f905820cafb3b34bd7ba8729acf6d671446ff09ffb0aaa7f0290c936fc6c68'
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With