From 0d7c946ba85efe1f295078a5e84700051675039c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adri=C3=A0=20Casaj=C3=BAs?= Date: Thu, 31 Oct 2024 16:31:51 +0100 Subject: [PATCH] Replace random with secrets --- app/mailbox_utils.py | 3 +-- app/utils.py | 6 +++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/app/mailbox_utils.py b/app/mailbox_utils.py index bc7f86b6..4b77746f 100644 --- a/app/mailbox_utils.py +++ b/app/mailbox_utils.py @@ -1,6 +1,5 @@ import dataclasses import secrets -import random from enum import Enum from typing import Optional import arrow @@ -233,7 +232,7 @@ def generate_activation_code( if config.MAILBOX_VERIFICATION_OVERRIDE_CODE: code = config.MAILBOX_VERIFICATION_OVERRIDE_CODE else: - code = "{:06d}".format(random.randint(1, 999999)) + code = "{:06d}".format(secrets.randbelow(1000000))[:6] else: code = secrets.token_urlsafe(16) return MailboxActivation.create( diff --git a/app/utils.py b/app/utils.py index 21d96bfe..c2a8b791 100644 --- a/app/utils.py +++ b/app/utils.py @@ -1,4 +1,3 @@ -import random import re import secrets import string @@ -32,8 +31,9 @@ def random_words(words: int = 2, numbers: int = 0): fields = [secrets.choice(_words) for i in range(words)] if numbers > 0: - digits = "".join([str(random.randint(0, 9)) for i in range(numbers)]) - return "_".join(fields) + digits + digits = [n for n in range(10)] + suffix = "".join([str(secrets.choice(digits)) for i in range(numbers)]) + return "_".join(fields) + suffix else: return "_".join(fields)