Reputation: 1633
how to create unique URLs in nodejs
I am trying to create a unique URL that get sent to users via email, once clicked they result in a unique page where the user can his data for the creation of an account.
The URL should be unique and can port, in a scure way, some data about the account which the user is going to create like a prefixed email address or any other field.
I don't know the exact name for these kind of URLs but i saw it used by google and i want to implement the idea in my nodeJS based platform, so how can i do that ?.
Upvotes: 0
Views: 2934
Answers (2)
Reputation: 91
You can use the native crypto of Node.js.
const crypto = require('crypto');
crypto.randomBytes(64, (err, buf) => {
if (err) throw err;
console.log(`${buf.length} bytes of random data: ${buf.toString('hex')}`);
});
More info here: https://nodejs.org/api/crypto.html#crypto_crypto_randombytes_size_callback
What I used to do, I saved the generated random string to the user table. When the user clicks on the link, I'll check if the string on the url matches the one in the database. If it matches, the user can proceeds to edit his information (or do anything that you allow him/her to do).
After verifying the token, you should remove it from the database. The link should be used only once for security purpose.
Upvotes: 2
Reputation: 1
Can't you just put the userid or a random guid in the url? That way you can also lookup the user in the db. UserId won't be secure tough.
Upvotes: 0
Related Questions
- nodejs express automatic url normalization and redirection
- How protect API routes?
- how can get unique url for each post in node js
- How to best secure MongoDB database url in Node.js app
- Generate secure shareable URL for access to web app (NodeJS)
- Nodejs Express redirect to shareable unique url with client JS working
- How to add security on my node.js web pages?
- Securing a specific route node.js
- NodeJS + Express: How to secure a URL
- URL design in node.js routing