crypto-random-string
Advanced tools
Package description
The crypto-random-string package is a utility for generating cryptographically strong random strings of a specified length, using Node.js's crypto module. It can be used for creating unique identifiers, tokens, or any other use cases where random strings are needed.
Generating a random string of a specified length
This feature allows you to generate a random string with a specified length. The length is provided as an option in an object passed to the function.
const cryptoRandomString = require('crypto-random-string');
const randomString = cryptoRandomString({length: 10});
console.log(randomString);Generating a random string with a specific type
This feature allows you to generate a random string with a specific character set, such as alphanumeric, numeric, or 'url-safe' characters.
const cryptoRandomString = require('crypto-random-string');
const alphanumericString = cryptoRandomString({length: 10, type: 'alphanumeric'});
console.log(alphanumericString);Generating a random string with custom characters
This feature allows you to generate a random string using a custom set of characters provided by the user.
const cryptoRandomString = require('crypto-random-string');
const customString = cryptoRandomString({length: 10, characters: 'abc123'});
console.log(customString);The uuid package is used to generate universally unique identifiers (UUIDs). While crypto-random-string generates random strings of a specified length, uuid generates strings in a specific UUID format. UUIDs are often used as database keys, component identifiers, or to ensure uniqueness across distributed systems.
NanoID is a tiny, secure, URL-friendly, unique string ID generator. Similar to crypto-random-string, it can generate random strings of various lengths and character sets. NanoID claims to be a more compact and faster alternative to UUIDs and has a smaller package size compared to crypto-random-string.
Randomatic is a package that generates random strings based on patterns. It allows for more complex patterns and masks than crypto-random-string, such as repeating sequences and placeholders for specific character types (letters, numbers, etc.). This package offers more granular control over the structure of the generated string.
Readme
Generate a cryptographically strong random string
Can be useful for creating an identifier, slug, salt, PIN code, fixture, etc.
Works in Node.js and browsers.
npm install crypto-random-string
import cryptoRandomString from 'crypto-random-string';
cryptoRandomString({length: 10});
//=> '2cf05d94db'
cryptoRandomString({length: 10, type: 'base64'});
//=> 'YMiMbaQl6I'
cryptoRandomString({length: 10, type: 'url-safe'});
//=> 'YN-tqc8pOw'
cryptoRandomString({length: 10, type: 'numeric'});
//=> '8314659141'
cryptoRandomString({length: 6, type: 'distinguishable'});
//=> 'CDEHKM'
cryptoRandomString({length: 10, type: 'ascii-printable'});
//=> '`#Rt8$IK>B'
cryptoRandomString({length: 10, type: 'alphanumeric'});
//=> 'DMuKL8YtE7'
cryptoRandomString({length: 10, characters: 'abc'});
//=> 'abaaccabac'
Returns a randomized string. Hex by default.
Returns a promise which resolves to a randomized string. Hex by default.
For most use-cases, there's really no good reason to use this async version. From the Node.js docs:
The
crypto.randomBytes()method will not complete until there is sufficient entropy available. This should normally never take longer than a few milliseconds. The only time when generating the random bytes may conceivably block for a longer period of time is right after boot, when the whole system is still low on entropy.
In general, anything async comes with some overhead on it's own.
import {cryptoRandomStringAsync} from 'crypto-random-string';
await cryptoRandomStringAsync({length: 10});
//=> '2cf05d94db'
Type: object
Required
Type: number
Length of the returned string.
Type: string
Default: 'hex'
Values: 'hex' | 'base64' | 'url-safe' | 'numeric' | 'distinguishable' | 'ascii-printable' | 'alphanumeric'
Use only characters from a predefined set of allowed characters.
Cannot be set at the same time as the characters option.
The distinguishable set contains only uppercase characters that are not easily confused: CDEHKMPRTUWXY012458. It can be useful if you need to print out a short string that you'd like users to read and type back in with minimal errors. For example, reading a code off of a screen that needs to be typed into a phone to connect two devices.
The ascii-printable set contains all printable ASCII characters: !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~ Useful for generating passwords where all possible ASCII characters should be used.
The alphanumeric set contains uppercase letters, lowercase letters, and digits: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789. Useful for generating nonce values.
Type: string
Minimum length: 1
Maximum length: 65536
Use only characters from a custom set of allowed characters.
Cannot be set at the same time as the type option.
FAQs
Generate a cryptographically strong random string
The npm package crypto-random-string receives a total of 13,048,764 weekly downloads. As such, crypto-random-string popularity was classified as popular.
We found that crypto-random-string demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.