an offline token generator and validator
What does it does?
It works on top of one dynamic variable, an expired timestamp, we simply create two things from it: an hash part and an obfuscated timestamp.
So, whenever you hit
.generate, it will render a different token that could be
always validated (even on different processes, or different nodes) as since you
configure it with same
Seems complex? ( If not, you really should dig on this and help us to make it even better )
Why should i use it?
- It's Open-Source and free to use;
- You could contribute to it;
- It's extendable, because it's built on top of findhit-class;
- You don't have to maintain a data source such as a database table to store tokens, each token carries its own check;
- It's secure, and you could increase security by providing your own hash method;
- We are also using it, if we trust on it, you should do it also!
npm i --save token-generator
Token Generator is designed to have a simple impementation. You just need to create an TG with your own options just like the example above:
var TokenGenerator =salt: 'your secret ingredient for this magic recipe'timestampMap: 'abcdefghij' // 10 chars array for obfuscation proposes;
Then you could generate and validate tokens simply as:
var token = TokenGenerator;
And check with:
if TokenGenerator// ...else// ...// You could also use// .isInvalid// .isntValid// .isntInvalid
If you catch an invalid token, you could check why it is invalid by validating
tryTokenGeneratorcatch error// For security proposes, error will always be 'Invalid or expired token'console// But you can dig it up by checking `.parent` Errorconsole;
Have you liked this?
Please, star this repo and if you find any issue don't hesitate to fill it or to provide a Pull Request. 👍