Secure random token in Node.js


In this question Erik needs to generate a secure random token in Node.js. There's the method crypto.randomBytes that generates a random Buffer. However, the base64 encoding in node is not url-safe, it includes / and + instead of - and _. Therefore, the easiest way to generate such token I've found is

require('crypto').randomBytes(48, function(ex, buf) {
    token = buf.toString('base64').replace(/\//g,'_').replace(/\+/g,'-');

Is there a more elegant way?

This question is tagged with javascript node.js base64 securestring

~ Asked on 2012-01-13 18:55:14

The Best Answer is


Try crypto.randomBytes():

require('crypto').randomBytes(48, function(err, buffer) {
  var token = buffer.toString('hex');

The 'hex' encoding works in node v0.6.x or newer.

~ Answered on 2012-01-13 19:33:12


Synchronous option in-case if you are not a JS expert like me. Had to spend some time on how to access the inline function variable

var token = crypto.randomBytes(64).toString('hex');

~ Answered on 2014-08-13 16:59:27

Most Viewed Questions: