Convert tokens to SHA-256 hashes before database storage. This ensures that
even if the database is compromised, the original tokens remain secret and
cannot be used to impersonate users. Always hash tokens generated by
generate_secure_token() before storing them in the database. Send the original
token to the user and store only the hash.
Arguments
- token
Character string. The raw token to hash (minimum 1 character). Typically obtained from
generate_secure_token(). Can be any string that requires secure storage (magic link tokens, session identifiers, etc.).
Value
Character string containing the 64-character SHA-256 hash. Store this value in the database. To verify a token later, hash the received token and compare the result with the stored hash.
See also
Other security:
generate_secure_token(),
is_valid_email(),
security
Examples
if (FALSE) { # \dontrun{
# Generate and hash a token for storage
token <- generate_secure_token(32)
hashed <- hash_token(token)
# Store hashed in database, send original token to user
# Later, verify by hashing the received token and comparing
} # }
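The verification step described under Value, as an added example that is not part of the package's own code. It assumes the digest package for SHA-256; sha256_hex(), digests_equal(), issue_token(), verify_token() and the in-memory store are hypothetical stand-ins, and the token is a constructed sample.

```r
library(digest)  # assumption: used here for SHA-256; the package's backend is not shown

# Hypothetical stand-in for hash_token(): hex SHA-256 of the token's bytes.
sha256_hex <- function(token) {
  stopifnot(is.character(token), length(token) == 1L,
            !is.na(token), nchar(token) >= 1L)
  digest(token, algo = "sha256", serialize = FALSE)
}

# Compare two hex digests over all bytes, without stopping at the first mismatch.
digests_equal <- function(a, b) {
  ra <- charToRaw(a)
  rb <- charToRaw(b)
  length(ra) == length(rb) && sum(as.integer(xor(ra, rb))) == 0L
}

# Constructed in-memory "database": only hashes are ever stored.
store <- data.frame(email = character(), token_hash = character(),
                    stringsAsFactors = FALSE)

issue_token <- function(store, email, token) {
  rbind(store, data.frame(email = email, token_hash = sha256_hex(token),
                          stringsAsFactors = FALSE))
}

# Hash whatever the client presented and look for a matching stored hash.
verify_token <- function(store, email, presented) {
  if (!is.character(presented) || length(presented) != 1L ||
      is.na(presented) || !nzchar(presented)) return(FALSE)
  candidates <- store$token_hash[store$email == email]
  h <- sha256_hex(presented)
  any(vapply(candidates, digests_equal, logical(1), b = h))
}

token <- "c0nstructed-sample-token-not-a-real-secret"  # constructed sample
store <- issue_token(store, "user@example.com", token)

stopifnot(nchar(store$token_hash[1]) == 64L)
stopifnot(verify_token(store, "user@example.com", token))
stopifnot(!verify_token(store, "user@example.com", "wrong-token"))
# A hash read out of the database is not a valid token: it hashes to a different value.
stopifnot(!verify_token(store, "user@example.com", store$token_hash[1]))
```

The last check is the property the description relies on: a value copied from the token_hash column fails verification when presented as a token.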
