UNPKG

electrode-csrf-jwt

Version:

Stateless Cross-Site Request Forgery (CSRF) protection with JWT

github.com/electrode-io/electrode-csrf-jwt

electrode-io/electrode-csrf-jwt

30 lines (26 loc) 818 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
"use strict"; /* eslint-disable prefer-template, no-magic-numbers */ /* * * A very simple and reasonably unique ID generator using Math.random and Date.now. * * IDs look like this: 2s53xp2feox_jeohy54s * * Given that Math.random is not a very good random number generator, the chance of collison * is there, so choose this carefully. * * Note that the uuid module being used depends on the high quality random generator * https://nodejs.org/docs/latest-v8.x/api/crypto.html#crypto_crypto_randombytes_size_callback * which depends on libuv's threadpool to get entropy and could have * "surprising and negative performance implications for some applications" * */ module.exports = () => { return ( Math.random() .toString(36) .substr(2) + "_" + Date.now().toString(36) ); };