One Paragraph of project description goes here
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.
Not all random values are created equal - for security-related code, you need a specific kind of random value.
A summary of this article, if you don't want to read the entire thing:
Math.random()
. There are extremely few cases where Math.random()
is the right answer. Don't use it, unless you've read this entire article, and determined that it's necessary for your case.crypto.getRandomBytes
directly. While it's a CSPRNG, it's easy to bias the result when 'transforming' it, such that the output becomes more predictable.uuid
, specifically the uuid.v4()
method. Avoid node-uuid
- it's not the same package, and doesn't produce reliably secure random values.random-number-csprng
.You should seriously consider reading the entire article, though - it's
{ | |
"scripts": { | |
"build": "npm run build:es2015 && npm run build:esm && npm run build:cjs && npm run build:umd && npm run build:umd:min", | |
"build:es2015": "tsc --module es2015 --target es2015 --outDir dist/es2015", | |
"build:esm": "tsc --module es2015 --target es5 --outDir dist/esm", | |
"build:cjs": "tsc --module commonjs --target es5 --outDir dist/cjs", | |
"build:umd": "rollup dist/esm/index.js --format umd --name YourLibrary --sourceMap --output dist/umd/yourlibrary.js", | |
"build:umd:min": "cd dist/umd && uglifyjs --compress --mangle --source-map --screw-ie8 --comments --o yourlibrary.min.js -- yourlibrary.js && gzip yourlibrary.min.js -c > yourlibrary.min.js.gz", | |
} | |
} |
DO WTF YOU WANT TO PUBLIC LICENSE | |
Version 2, December 2004 | |
Copyright (C) 2011 Alexey Silin <pinkoblomingo@gmail.com> | |
Everyone is permitted to copy and distribute verbatim or modified | |
copies of this license document, and changing it is allowed as long | |
as the name is changed. | |
DO WTF YOU WANT TO PUBLIC LICENSE |
When the directory structure of your Node.js application (not library!) has some depth, you end up with a lot of annoying relative paths in your require calls like:
const Article = require('../../../../app/models/article');
Those suck for maintenance and they're ugly.
https://github.com/djvirgen/virgen-acl Simple and elegant, create your own checks. No middleware?
https://github.com/OptimalBits/node_acl Use as middleware, create your own roles and access. Great choice.
https://github.com/tschaub/authorized Similar to connect roles... but a bit more robust? you can create roles and action, and associate many roles with that action
Table of Contents generated with DocToc
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE | |
Version 2, December 2004 | |
Copyright (C) 2011 Jed Schmidt <http://jed.is> | |
Everyone is permitted to copy and distribute verbatim or modified | |
copies of this license document, and changing it is allowed as long | |
as the name is changed. | |
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE |