From 1fcbbaab556bdba4d85deebe799d5f8c6f84797a Mon Sep 17 00:00:00 2001
From: laraproto <laraproto@proton.me>
Date: Sat, 2 Nov 2024 17:07:25 +0200
Subject: [PATCH] i went overboard

---
 backend/src/data/ApiLogins.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/src/data/ApiLogins.ts b/backend/src/data/ApiLogins.ts
index 1c858839..67b9d14c 100644
--- a/backend/src/data/ApiLogins.ts
+++ b/backend/src/data/ApiLogins.ts
@@ -49,7 +49,7 @@ export class ApiLogins extends BaseRepository {
     // Generate random login id
     let loginId;
     while (true) {
-      loginId = randomBytes(64).toString("hex");
+      loginId = randomBytes(16).toString("hex");
       const existing = await this.apiLogins.findOne({
         where: {
           id: loginId,
@@ -59,7 +59,7 @@ export class ApiLogins extends BaseRepository {
     }
 
     // Generate token
-    const token = randomBytes(64).toString("hex");
+    const token = randomBytes(32).toString("hex");
     const hash = crypto.createHash("sha256");
     hash.update(loginId + token); // Use loginId as a salt
     const hashedToken = hash.digest("hex");