use crypto for verification token

2020-09-15 14:26:55 -04:00
parent f20feae4d9
commit a39cec2b76
1 changed files with 2 additions and 1 deletions
--- a/src/collections/operations/create.js
+++ b/src/collections/operations/create.js
@@ -1,4 +1,5 @@
 const mkdirp = require('mkdirp');
+const crypto = require('crypto');

 const executeAccess = require('../../auth/executeAccess');

@@ -144,7 +145,7 @@ async function create(args) {
    }
    if (collectionConfig.auth.emailVerification) {
      data.verified = false;
-      data.verificationToken = 'asdf'; // TODO: Use bcrypt
+      data.verificationToken = await crypto.randomBytes(20).toString('hex');
      // TODO: Generate and send email
    }
  }