Websafe encoding of hashed string in nodejs

Question

I am creating a re-director of sorts in nodejs. I have a few values like userid // superid

these I would like to hash to prevent users from retrieving the url and fakin

Answer 1

Here's what I used. Comments welcome :-)

The important bit is buffer.toString('base64'), then URL-safeing that base64 string with a couple of replace()s.

function newId() {
  // Get random string with 20 bytes secure randomness
  var crypto = require('crypto');
  var id = crypto.randomBytes(20).toString('base64');
  // Make URL safe
  return id.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

Based on the implementation here.

Makes a string safe for URL's and local email addresses (before the @).