I have a basic download system for a client's products. users get a printed out, human readable code (15 digits or below) that they can enter online to download a file. For now all unique codes are stored in a database but since the amount of codes is getting higher and higher I want to change the system.
I want to take some kind of secret salt and generate unique hashes that our download system can decode and compare if the hash is valid (and created from the salt).
I found two node packages: https://github.com/sehrope/node-simple-encryptor and http://hashids.org/
With simple encryptor I can generate unique hashes for example for "mysecretpassphrase". When a user enters this code I can decode the hash and check whether it is "mysecretpassphrase" and if so allow the download. However the hashes are way to long (120 alphanumeric signs).
With the other package (hashids) I get url friendly hman readable codes but I can only hash integers.
Any idea how to create up to a million hashes (human readable) below 15 alphanumeric letter that can be decoded again? It doesn't need to be cryptographically bullet-proof.