newSecureToken function
Returns byteLength cryptographically secure random bytes encoded as a
URL-safe, unpadded base64 string.
Used to mint connection nonces (replay protection) and per-session hijack tokens. The default of 32 bytes yields 256 bits of entropy.
Implementation
String newSecureToken([int byteLength = 32]) {
final bytes = List<int>.generate(
byteLength,
(_) => _secureRandom.nextInt(256),
);
return base64UrlEncode(bytes).replaceAll('=', '');
}