Skip to content

Tag: express

Reset password token with crypto in an Express app

I have this forgot password handler in my Express app. I send an email with a crypto.randomBytes(20).toString(“hex”) token, that I use later to verify the request. It is working perfectly. However, I have seen that people are hashing this token before sending it and storing in the data base, and I don’t see why, cause it is already a random