
Generating API tokens using node - upper and lower case letters and numbers?


I am trying to generate unique keys/tokens in expressjs. I am using hat, but the key it generates is in numbers and lowercase letters:

1b1a7af4e304fc0fa49216ce248ae574

My code:

var express = require('express');
var hat = require("hat");
var app = express();

app.get('/', function (req, res) {
    res.send(hat());
});

But I prefer keys like this (mixture of lower and upper case and numbers):

EzpoQlgvQESADxzAQX94uwPgoYX

Any ideas what node package I should use to create a key like that (mixture of lower and upper case and numbers)?

What are the differences between these two types of keys by the way? Which is safer and better?


Solution

  • As far as generating unique keys in this form, I'm not sure of a library, but the simplest solution might be to do away with any third-party code and use a one-liner such as var key = require('crypto').randomBytes(64).toString('base64'); which will give you just as good results, allow you to control your collision probability and customise your keys to suit.

    As for your second question which is better, it depends on your classification of better.

    The main goal for keys such as this is their level of entropy. In very simple terms, having both uppercase and lowercase letters and numbers would increase your per character entropy to 62 possible combinations while having just lowercase letters and numbers you would have 36 possible combinations.

    This means as far as entropy is concerned, again in simple terms, a 62 character lowercase+number key would be as effective as a 36 character long uppercase+lowercase+number key.

    While having shorter keys might be useful for your situation (or preference?), you could run into issues on different tech which might be case insensitive.
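
Added example (not part of the answer above and not code from hat): a token limited to upper- and lower-case letters and digits, drawn from crypto.randomBytes with rejection sampling so every character is equally likely, plus the entropy in bits for a given length and alphabet size. The names generateToken, entropyBits and lengthForBits are hypothetical, chosen for this example.

```javascript
// Added example: alphanumeric (base62) API token from the OS CSPRNG.
const { randomBytes } = require('crypto');

const ALPHABET =
  'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

// Largest multiple of 62 that fits in a byte (248). Bytes at or above this
// value are discarded so no character is favoured (no modulo bias).
const LIMIT = 256 - (256 % ALPHABET.length);

// Hypothetical helper: returns `length` characters from ALPHABET.
function generateToken(length = 27) {
  if (!Number.isInteger(length) || length <= 0) {
    throw new RangeError('length must be a positive integer');
  }
  let out = '';
  while (out.length < length) {
    // Over-request bytes, since roughly 3% of them are rejected.
    const buf = randomBytes(length * 2);
    for (let i = 0; i < buf.length && out.length < length; i++) {
      if (buf[i] < LIMIT) out += ALPHABET[buf[i] % ALPHABET.length];
    }
  }
  return out;
}

// Entropy in bits of a uniformly random token: length * log2(alphabet size).
function entropyBits(length, alphabetSize) {
  return length * Math.log2(alphabetSize);
}

// Shortest token over an alphabet that reaches the requested entropy.
function lengthForBits(bits, alphabetSize) {
  return Math.ceil(bits / Math.log2(alphabetSize));
}

// A 27-character token, the same length as the sample in the question.
console.log(generateToken());
// Bits in a 32-character hex key like the hat sample in the question.
console.log(entropyBits(32, 16));
// Characters needed for the same strength with 62 and with 36 symbols.
console.log(lengthForBits(128, 62), lengthForBits(128, 36));
```

Unlike base64 output, these tokens contain no +, / or = characters, so they can go into URLs and headers without escaping.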