Securely Generating Tokens With Ruby's SecureRandom
Secure user authentication with Ruby's SecureRandom: generating tokens and digests to prevent misuse. Tokens are randomly generated strings used temporarily for authentication, while digests are stored hashed on the server side.
Introduction

Hi, I'm Take, and I work as an engineer at an in-house development company in Tokyo. In this article, I'll share what I've learned about generating tokens necessary for secure user authentication using Ruby’s standard library, SecureRandom.

Background

What is SecureRandom?

SecureRandom is a tool used to generate random numbers and strings that are hard to predict. You can learn more about it in this helpful article here.

What is a Token?

A token is a randomly generated string used temporarily to identify a user.

What is a Digest?

During aut...
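The token/digest split described above, as an added example (not code from the original article): the raw token is handed to the user once, and the server keeps only its digest and an expiry time. The in-memory `TOKEN_STORE`, the 15-minute lifetime, the method names and the use of SHA-256 for the digest are assumptions made for illustration.

```ruby
require "securerandom"
require "digest"

# Hypothetical in-memory stand-in for a server-side table: user_id => record.
TOKEN_STORE = {}
TOKEN_TTL = 15 * 60 # seconds; assumed lifetime for a temporary token

# SHA-256 is an assumption here; a fast hash suits high-entropy random
# tokens, but not human-chosen passwords.
def digest_for(token)
  Digest::SHA256.hexdigest(token)
end

# Constant-time comparison so a mismatch position does not leak via timing.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Issue a token: the raw value goes to the user, only its digest is stored.
def issue_token(user_id, now: Time.now)
  token = SecureRandom.urlsafe_base64(32) # 32 bytes from the system CSPRNG
  TOKEN_STORE[user_id] = { digest: digest_for(token), expires_at: now + TOKEN_TTL }
  token
end

# Verify a presented token against the stored digest and the expiry time.
def valid_token?(user_id, presented, now: Time.now)
  record = TOKEN_STORE[user_id]
  return false if record.nil? || presented.nil? || presented.empty?
  return false if now >= record[:expires_at]
  secure_compare(record[:digest], digest_for(presented))
end

# Single use: drop the stored digest once the token has been accepted.
def consume_token(user_id, presented, now: Time.now)
  return false unless valid_token?(user_id, presented, now: now)
  TOKEN_STORE.delete(user_id)
  true
end
```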