Closed ultimateshadsform closed 2 months ago
For session IDs specifically, object IDs don’t provide enough entropy
That doesnt make any sense?
Why would you need entropy on a random id?
It's just an identifier.
No you're right. It's more secure and object ids can be guessed.
I just changed to use prima instead and it now uses object ids.
Package
@lucia-auth/adapter-mongodb
Describe the bug
Is there a reason ids need to be a string?
It would be better to just use it as intended and use Objects ids.
I had to research and debug just to realize I needed to put "string" on the _id in the db.
Would be nice if you could convert library to use Object ids as mongo uses that by default instead of "string"
And even stack overflow recommends to use object ids.