This module came about because I found myself frequently running the following command:
$ perl -MSession::Token -E 'say Session::Token->new->get'
YwXYXGLMMnudk33MbClseQ
Before I wrote Session::Token I used to run the following command:
$ openssl rand -base64 16
fjxhL/LmZEUQ+NCldQbHgA==
They both perform essentially the same task however "session-token" has various advantages:
It is more flexible regarding the alphabet used since it supports any alphabet that Session::Token does
via the "--alphabet" switch. Its default alphabet is the (IMO) nice base-62 versus "openssl rand"'s
base-64.
It can efficiently generate a large number of random tokens with the "--num" switch. Calling "openssl
rand" for each token would fork a lot of processes and open and read from "/dev/urandom" in each one.
If cross-platform determinism is required, the "--seed" or "--null-seed" switches are available and they
don't require seed files or anything. Note that you should only use these switches for benchmarks or
simulations and never for applications requiring secure randomness since the generated sequence of tokens
will be the same for each run.
"openssl rand" does some weirdness with reading from/writing to the "~/.rnd" file in your home directory
as a potential entropy source/store. "session-token" will always fail noisily if it can't read from
"/dev/urandom".
Finally, "session-token" is easier to remember and type don't you think?
Install Now
PNG Icons
