🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
csrf-tokens
Advanced tools
csrf-tokens - npm Package Compare versions
Comparing version 1.0.0 to 1.0.1
11
index.js
| var crypto = require('crypto') | ||
| var rndm = require('rndm') | ||
| var crypto = require('crypto') | ||
| var scmp = require('scmp') | ||
| var uid = require('uid2') | ||
@@ -29,4 +31,4 @@ module.exports = function (options) { | ||
| // to do: async version | ||
| function secret() { | ||
| return crypto.randomBytes(secretLength).toString('base64') | ||
| function secret(cb) { | ||
| return uid(secretLength, cb) | ||
| } | ||
@@ -41,3 +43,4 @@ | ||
| function verify(secret, token) { | ||
| return tokensize(secret, token.split('-')[0]) === token | ||
| var expected = tokensize(secret, token.split('-')[0]) | ||
| return scmp(token, expected) | ||
| } | ||
@@ -44,0 +47,0 @@ |
| { | ||
| "name": "csrf-tokens", | ||
| "description": "primary logic behind csrf tokens", | ||
| "version": "1.0.0", | ||
| "version": "1.0.1", | ||
| "author": { | ||
@@ -14,3 +14,5 @@ "name": "Jonathan Ong", | ||
| "dependencies": { | ||
| "rndm": "1" | ||
| "rndm": "1", | ||
| "uid2": "~0.0.2", | ||
| "scmp": "~0.0.3" | ||
| }, | ||
@@ -17,0 +19,0 @@ "devDependencies": { |
No alert changes
Improved metrics
- Total package byte prevSize
4912
2.08%- Lines of code
72
4.35%Worsened metrics
- Dependency count
3
200%Dependency changes
+ Added
scmp@~0.0.3+ Added
uid2@~0.0.2+ Added
scmp@0.0.3(transitive)+ Added
uid2@0.0.4(transitive)