Code Room
Code reviewMediumcr-g565
Subject Crypto securityLevel Mid–Senior~20 minCommon in Security interviewsIndustries Software development

Question

Review this JavaScript password-reset token generator (Node.js).

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to reviewjs
function generateResetToken() {  let token = '';  const chars = 'abcdefghijklmnopqrstuvwxyz0123456789';  for (let i = 0; i < 24; i++) {    token += chars[Math.floor(Math.random() * chars.length)];  }  return token;} async function requestReset(email) {  const token = generateResetToken();  await db.resets.insert({ email, token, expires: Date.now() + 3600_000 });  await sendResetEmail(email, token);}
Run or narrate your approach, then ask the coach.