I am using my own authentication and sort of worried about the present security of my API. What would you suggest would be a good way to generate API keys? And what would be a better way to hash the password?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am using my own authentication and sort of worried about the present security of my API. What would you suggest would be a good way to generate API keys? And what would be a better way to hash the password?
For api keys I would suggest you node-uuid. For hashing passwords – builtin crypto. For api secrets you can also use node-uuid + crypto combined. Something like that (node repl):