(a: string, b: string)
| 348 | const hmacKey = randomBytes(32) |
| 349 | |
| 350 | function safeTokenCompare(a: string, b: string): boolean { |
| 351 | const hashA = createHmac('sha256', hmacKey).update(a).digest() |
| 352 | const hashB = createHmac('sha256', hmacKey).update(b).digest() |
| 353 | return timingSafeEqual(hashA, hashB) |
| 354 | } |
| 355 | |
| 356 | /** |
| 357 | * Auth hook for the Internal Server. ALL routes require Bearer token, no exceptions. |
no test coverage detected