diff options
author | gumi <git@gumi.ca> | 2020-03-31 14:36:40 -0400 |
---|---|---|
committer | gumi <git@gumi.ca> | 2020-03-31 14:36:40 -0400 |
commit | 4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4 (patch) | |
tree | 51bac6e432726a472fc5b7163f6f35c2823a565f /src/routers/vault/types/Session.js | |
parent | 930485dfe22db16f5b613750eb9518bb64b4fe4f (diff) | |
download | api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.tar.gz api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.tar.bz2 api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.tar.xz api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.zip |
add support for nanoid for session tokens
Diffstat (limited to 'src/routers/vault/types/Session.js')
-rw-r--r-- | src/routers/vault/types/Session.js | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/src/routers/vault/types/Session.js b/src/routers/vault/types/Session.js index 59737b3..d1b3943 100644 --- a/src/routers/vault/types/Session.js +++ b/src/routers/vault/types/Session.js @@ -1,8 +1,15 @@ -const uuidv4 = require("uuid/v4"); +const nanoid = require("nanoid"); +const dictionaries = require("nanoid-dictionary"); const Identity = require("./Identity.js"); const EvolAccount = require("./EvolAccount.js"); const LegacyAccount = require("./LegacyAccount.js"); +/** custom nanoid generators */ +const newToken = { + n23: nanoid.customAlphabet(dictionaries.nolookalikes, 23), + n36: () => nanoid.nanoid(36), +}; + /** * holds a cache of all the user data fetched from SQL */ @@ -72,18 +79,26 @@ module.exports = class Session { constructor (ip, email) { this.ip = ip; this.email = email.toLowerCase(); - this.secret = uuidv4(); + this.secret = newToken.n36(); + } + + /** + * generate a secure unique token that is shared with the end-user. + * excludes lookalike characters but is still stronger than uuidv4 + * @param {number} - the token length + */ + static async generateToken () { + return newToken.n23(); } /** * serialize for sending over the network - * @param {*} key */ - toJSON (key) { + toJSON () { return { expires: this.expires, identity: this.identity.id, - } + }; } /** |