random-web-token
Advanced tools
Generate customizable random strings (tokens) using secure charsets with validation – zero dependencies.
This package uses the secure Node.js crypto module.
A lightweight utility for generating customizable random strings (a.k.a. "tokens") using predefined or custom character sets. Includes simple validation to check whether a given string matches a specific character set and length.
Ideal for user-facing identifiers such as activation links, invitation links, forgot password links, or other non-sensitive unique strings.
npm install random-web-token
npm install --save-dev @types/random-web-token
const token = require("random-web-token");
const generated = token.genSync("extra", 50);
console.log(generated); // e.g., "fT7ZkWA4NpDqF0BjgY..."
await)const token = require("random-web-token");
async function generate() {
const generated = await token.genAsync("extra", 50);
console.log(generated); // e.g., "h8YkMRaWg5tBz4QEX..."
}
generate();
TypeScript version:
import * as token from "random-web-token";
async function generate() {
const generated = await token.genAsync("extra", 50);
console.log(generated);
}
generate(); // -> sHF3p8zZCTdAmJ0cyS60NK...
Use one of the predefined sets as the first argument when generating a string:
| Name | Characters Used |
|---|---|
"normal" | a–z |
"normal+" | A–Z |
"medium" | a–z, 0–9 |
"medium+" | A–Z, 0–9 |
"extra" | a–z, A–Z, 0–9 |
"onlyNumbers" | 0–9 |
You can validate whether a given string matches a specific character set and length:
const token = require("random-web-token");
const t = token.genSync("extra", 50);
// Valid case
console.log(token.syncValidator("extra", 50, t)); // true
// Invalid: wrong length
console.log(token.syncValidator("extra", 40, t)); // false
// Invalid: wrong character set
console.log(token.syncValidator("normal", 50, t)); // false
You can optionally allow specific extra characters:
const altered = token.genSync("extra", 50) + "+!/";
console.log(token.syncValidator("extra", 53, altered, "+!/")); // true
Need a fully custom character set? Use withMyOwnCharacters():
const token = require("random-web-token");
async function customToken() {
const t = await token.withMyOwnCharacters("abc123", 10);
console.log(t); // e.g., "a12cb31acb"
}
customToken();
FAQs
Generate customizable random strings (tokens) using secure charsets with validation – zero dependencies.
The npm package random-web-token receives a total of 100 weekly downloads. As such, random-web-token popularity was classified as not popular.
We found that random-web-token demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Application Security
/Security News
Socket CEO Feross Aboukhadijeh and a16z partner Joel de la Garza discuss vibe coding, AI-driven software development, and how the rise of LLMs, despite their risks, still points toward a more secure and innovative future.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.