What hashing algorithm does express-session use for session id cookie?

1595 views node.js
8

Title says it all, I am just interested in what algorithm is used to hash these cookies, and I need help, because i couldn't find out it myself by looking at the sources.

Thanks in advance.

answered question
Add a Comment

1 Answer

1
Dai 0 Comments

  • It doesn't use a hashing algorithm. It uses uid(24) instead. uid(n) generates random, unpredicable, values:
  • Session identifiers (in any context, really) should not be based on a hash of anything anyway because:
    • Session content tends to be mutable, not immutable, so using a hash of a session's state or content would make it impossible to retrieve it after it's been changed.
    • If two users have the same session-state then they'd have the same session-id value, which is not what you intend.

posted this

Please login first before posting an answer.

Ads

Categories