secure-random-string - npm Package Compare versions

Comparing version 0.0.2 to 0.1.0

lib/secure-random-string.js

@@ -12,5 +12,15 @@ var crypto = require('crypto');
 
-	crypto.randomBytes(length, function(ex, buf) {
-		if (ex) throw ex;
+  // async path
+  if (cb) {
+    crypto.randomBytes(length, function(ex, buf) {
+      if (ex) throw ex;
+      return cb(_finish(buf));
+    });
+  }
+  // sync path
+  else {
+    return _finish(crypto.randomBytes(length));
+  }
 
+  function _finish (buf) {
 		var string = buf.toString('base64');
@@ -20,9 +30,9 @@ if (options.urlsafe) {
 		}
+    return string.substr(0, length);
+  }
 
-		cb(string.substr(0, length));
-	});
-
 };
 
 
+
 module.exports = srs;

package.json

 {
   "name": "secure-random-string",
-  "version": "0.0.2",
+  "version": "0.1.0",
   "description": "Generates a secure random string with a given length",
@@ -19,2 +19,3 @@ "main": "lib/secure-random-string.js",
   "author": "Simon Santoro",
+  "contributors": ["Mark Stosberg <mark@rideamigos.com>"],
   "license": "MIT",
@@ -21,0 +22,0 @@ "bugs": {

README.md

 # secure-random-string
-a node module that generates a secure random string with a given length
 
+Node.js module that generates a cryptographically secure random string with a given length
+
 ## Usage
-`require` it
 
-```
+```javascript
 var srs = require('secure-random-string');
 ```
 
+### Default behavior: Generate a random string 32 characters long.
 
-generate a random string that is 32 chars long (the default)
-```
+```javascript
+// Sync
+var result = srs();
+
+// Async
 srs(function(sr) {
 	console.log(sr);
 });
+
 ```
 
+### Options: length, urlsafe
 
-generate a random string that is 256 chars long
-```
-srs({length: 256}, function(sr) {
+Optionally, you can specify a 'length' option to specify a length.
+
+The 'urlsafe' option replaces a potential `+` character with `-` and the `/` character
+with `_`, created a valid [base64url](https://en.wikipedia.org/wiki/Base64) format string.
+
+```javascript
+// sync
+var result = srs({length: 256, urlsafe:true});
+
+// async
+srs({length: 256, urlsafe:true}, function(sr) {
 	console.log(sr);
@@ -27,8 +41,17 @@ });
 
+## Error handling
 
-generate a random string that is 20 chars long and is url safe (can be used as a url token)
-```
-srs({length: 20, urlsafe: true}, function(sr) {
-	console.log(sr);
-});
-```
+Will throw error if there is not enough accumulated entropy to generate cryptographically strong data. In other words, this without callback will not block even if all entropy sources are drained.
+
+## Author
+
+ [Simon Santoro](https://github.com/S2-)
+
+## Contributors
+
+ [Mark Stosberg](https://github.com/markstos)
+
+## License
+
+[MIT](https://github.com/aheckmann/node-ses/blob/master/LICENSE)
+

tests.js

@@ -31,3 +31,3 @@ var srs = require('./lib/secure-random-string.js');
 
-//the actual tests
+// async tests
 srs(function(sr) {
@@ -62,1 +62,6 @@ test('generate a random string 32 chars long',
 
+// sync tests
+test('generate a random string 32 chars long (sync)', srs().length, 32);
+test('generate a random string 1 chars long (sync)', srs({length:1}).length, 1);
+test('generate a random string 256 chars long (sync)', srs({length:256}).length, 256);
+test('generate a urlsafe random string 256 chars long (sync)', srs({length:256, urlsafe:true}).length, 256);

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

4036

increased by44.04%

Lines of code

81

increased by22.73%

Number of lines in readme file

57

increased by67.65%

No dependency changes