From 45252b303611a554f74902032c8b6dadc58ead37 Mon Sep 17 00:00:00 2001
From: dbauszus-glx <dennis.bauszus@geolytix.co.uk>
Date: Fri, 8 Mar 2024 15:06:09 +0000
Subject: [PATCH] remove nanoid

---
 README.md           |  2 --
 mod/user/fromACL.js | 10 +++-------
 mod/utils/logger.js | 10 +++++-----
 package.json        |  1 -
 4 files changed, 8 insertions(+), 15 deletions(-)

diff --git a/README.md b/README.md
index 112768c0b..fa55a5fa5 100644
--- a/README.md
+++ b/README.md
@@ -43,8 +43,6 @@ Node.js v18+
 
 [jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken) - A Node implementation of JSON Web Token.
 
-[nanoid](https://www.npmjs.com/package/nanoid) - A tiny, secure, URL-friendly, unique string ID generator for JavaScript.
-
 [Node-Postgres](https://github.com/brianc/node-postgres) - PostgreSQL client for Node.
 
 [nodemailer](https://github.com/nodemailer/nodemailer) - Send e-mails with Node – easy as cake!
diff --git a/mod/user/fromACL.js b/mod/user/fromACL.js
index 4958d5397..1db39b351 100644
--- a/mod/user/fromACL.js
+++ b/mod/user/fromACL.js
@@ -18,8 +18,6 @@ const languageTemplates = require('../utils/languageTemplates')
 
 const acl = require('./acl')
 
-const { nanoid } = require('nanoid')
-
 /**
  * Exported function fromACL that will authenticate user. 
  * @function fromACL
@@ -139,15 +137,13 @@ async function getUser(request) {
     // password must be removed after check
     delete user.password
 
-    if (process.env.NANO_SESSION) {
-
-      const nano_session = nanoid()
+    if (process.env.USER_SESSION) {
 
-      user.session = nano_session
+      user.session = crypto.randomBytes(10).toString('hex')
 
       rows = await acl(`
         UPDATE acl_schema.acl_table
-        SET session = '${nano_session}'
+        SET session = '${user.session}'
         WHERE lower(email) = lower($1)`,
         [request.email])
 
diff --git a/mod/utils/logger.js b/mod/utils/logger.js
index b2c2be07d..6b012c71b 100644
--- a/mod/utils/logger.js
+++ b/mod/utils/logger.js
@@ -2,14 +2,14 @@
 @module /utils/logger
 */
 
+const crypto = require('crypto')
+
 const logs = new Set(process.env.LOGS?.split(',') || [])
 
 // Errors should always be logged.
 logs.add('err')
 
-const { nanoid } = require('nanoid')
-
-const process_nanoid = nanoid(6)
+const process_id = crypto.randomBytes(3).toString('hex')
 
 const logout = {
   logflare,
@@ -57,7 +57,7 @@ function logflare() {
           'X-API-KEY': params.apikey,
         },
         body: JSON.stringify({
-          [process_nanoid]: log,
+          [process_id]: log,
           key
         })
       }).catch(err => {
@@ -100,7 +100,7 @@ function postgresql() {
       await client.query(
         `INSERT INTO ${table} (process, datetime, key, log, message) 
         VALUES ($1, $2, $3, $4, $5)`, 
-        [process_nanoid, parseInt(Date.now() / 1000), key, logstring, errorMessage]);
+        [process_id, parseInt(Date.now() / 1000), key, logstring, errorMessage]);
     } catch (error) {
       console.error('Error while logging to database:', error);
     } finally {
diff --git a/package.json b/package.json
index a34aad2c5..265ded3d7 100644
--- a/package.json
+++ b/package.json
@@ -22,7 +22,6 @@
     "@aws-sdk/s3-request-presigner": "^3.398.0",
     "bcryptjs": "^2.4.3",
     "jsonwebtoken": "^9.0.0",
-    "nanoid": "^3.2.0",
     "nodemailer": "^6.9.7",
     "pg": "^8.7.3",
     "simple-statistics": "^7.8.3"