NAME
session-token - command-line script for generating session tokens
USAGE
$ session-token
ATXOpAxCu57sVZvoBiWgHg
$ session-token --entropy 256
hk0No9bjuknBxmpIujW3bZvnFmryTvEbTPNitd8L9kC
$ session-token --length 5 --alphabet ACGT --num 3
GAATT
ACCAT
AATTG
## If you don't know how many tokens you need at the start of the pipeline...
$ session-token --infinity | ... | headDESCRIPTION
This module came about because I found myself frequently running the following command:
$ perl -MSession::Token -E 'say Session::Token->new->get'
YwXYXGLMMnudk33MbClseQBefore I wrote Session::Token I used to run the following command:
$ openssl rand -base64 16
fjxhL/LmZEUQ+NCldQbHgA==They both perform essentially the same task however session-token has various advantages:
It is more flexible regarding the alphabet used since it supports any alphabet that Session::Token does via the --alphabet switch. Its default alphabet is the (IMO) nice base-62 versus openssl rand's base-64.
It can efficiently generate a large number of random tokens with the --num switch. Calling openssl rand for each token would fork a lot of processes and open and read from /dev/urandom in each one.
If cross-platform determinism is required, the --seed or --null-seed switches are available and they don't require seed files or anything. Note that you should only use these switches for benchmarks or simulations and never for applications requiring secure randomness since the generated sequence of tokens will be the same for each run.
openssl rand does some weirdness with reading from/writing to the ~/.rnd file in your home directory as a potential entropy source/store. session-token will always fail noisily if it can't read from /dev/urandom.
Finally, session-token is easier to remember and type don't you think?
SEE ALSO
AUTHOR
Doug Hoyte, <doug@hcsw.org>
COPYRIGHT & LICENSE
Copyright 2014-2016 Doug Hoyte.
This module is licensed under the same terms as perl itself.