uid should be replaced with uid2
mreinstein opened this issue · comments
Michael Reinstein commented
apparently uid is based on Math.random()
and the author is opposed to correcting this:
https://github.com/matthewmueller/uid/blob/master/Readme.md
It's better to use node's crypto API as a source for random numbers used in authentication. uid2 is probably a better choice. https://www.npmjs.com/package/uid2