I wonder if there is any kind of publicly known encryption (not hashing) algorithm that generates constant number of characters independent of the input.
I have came across an online platform that generates tokens (27 char Base64 string) depending on user's email and password ,which the user can use to login instead of email and password combination, but for the same email and password user can generate so many number of tokens.
There are two theories in my mind to achieve this.
- Save all generated tokens along with user's email and password in a specific table in database then use them to check for user's credentials. but this does not seem to be an efficient way, and it's meaningless to save ALL tokens
- Encrypt user's email and password along with some salt, then decrypt the provided token and use the decrypted credentials to log the user in.
Token Example
nsBpqEYfFFemSvZqE5Sn4dqwrLI