Hick
Reputation: 36404
What would be the best possible way to generate API keys and hash passwords in Nodejs?
I am using my own authentication and sort of worried about the present security of my API. What would you suggest would be a good way to generate API keys? And what would be a better way to hash the password?
Upvotes: 8
Views: 4640
Answers (1)
Anatoliy
Reputation: 30073
For api keys I would suggest you node-uuid. For hashing passwords - builtin crypto. For api secrets you can also use node-uuid + crypto combined. Something like that (node repl):
> require('node-uuid')()
'5d2962e4-55c8-460c-aa7b-9586905779cb'
> require('crypto').createHash('sha256').update(_).update('salt').digest('hex');
'06f905820cafb3b34bd7ba8729acf6d671446ff09ffb0aaa7f0290c936fc6c68'
Upvotes: 26
Related Questions
- Password Hashing in Node.js
- How to store sensitive datas with NodeJS without storing private key in plain text?
- Which is the best way to store sensitive credentials in Node.js?
- How services generate and use public and secret API keys?
- Best practice when using an API key in Node.js
- A good npm module for hashing and salting user login/passwd?
- Best way to authenticate node.js file use?
- How to secure node js API
- Hash, salt and save password in Node/Express
- Secure APIs using Node.js