I am using my own authentication and sort of worried about the present security of my API. What would you suggest would be a good way to Generate Api keys? And what would be a better way to hash the password?

For api keys I would suggest you node-uuid. For hashing passwords - builtin crypto. For api secrets you can also use node-uuid + crypto combined. Something like that (node repl):

> require('node-uuid')()
'5d2962e4-55c8-460c-aa7b-9586905779cb'
> require('crypto').createHash('sha256').update(_).update('salt').digest('hex');
'06f905820cafb3b34bd7ba8729acf6d671446ff09ffb0aaa7f0290c936fc6c68'