[WD-42]

Why people are still hand rolling common stuff like this is baffling to me. I'm treading on offensive waters here, but I'd guess this is from a nodejs backend, for some reason it seems to be more common to hand roll stuff like this in node than pretty much any other web language/framework I've worked with.

[the_af]

> Why people are still hand rolling common stuff like this is baffling to me

Don't most systems hand roll their own password reset? Using any backend tech, I mean. This isn't crypto, where hand rolling your own solution is almost always a mistake.

[darepublic]

I have handrolled a pass reset in node but I didn't give up the key back to the client. In this case it was actually spring framework