diff --git a/app/api/views/alias_options.py b/app/api/views/alias_options.py index 762879ec..aba138c1 100644 --- a/app/api/views/alias_options.py +++ b/app/api/views/alias_options.py @@ -7,7 +7,7 @@ from app.config import EMAIL_DOMAIN from app.extensions import db from app.log import LOG from app.models import AliasUsedOn, GenEmail, User -from app.utils import random_string, convert_to_id +from app.utils import convert_to_id, random_word @api_bp.route("/alias/options") @@ -71,7 +71,7 @@ def options(): # maybe better to make sure the suffix is never used before # but this is ok as there's a check when creating a new custom alias - ret["custom"]["suffixes"] = [f".{random_string(6)}@{EMAIL_DOMAIN}"] + ret["custom"]["suffixes"] = [f".{random_word()}@{EMAIL_DOMAIN}"] for custom_domain in user.verified_custom_domains(): ret["custom"]["suffixes"].append("@" + custom_domain.domain) diff --git a/app/dashboard/views/custom_alias.py b/app/dashboard/views/custom_alias.py index a833d297..3785d9a1 100644 --- a/app/dashboard/views/custom_alias.py +++ b/app/dashboard/views/custom_alias.py @@ -7,7 +7,7 @@ from app.email_utils import notify_admin from app.extensions import db from app.log import LOG from app.models import GenEmail, DeletedAlias, CustomDomain -from app.utils import convert_to_id, random_string +from app.utils import convert_to_id, random_word @dashboard_bp.route("/custom_alias", methods=["GET", "POST"]) @@ -93,7 +93,7 @@ def custom_alias(): session[HIGHLIGHT_GEN_EMAIL_ID] = gen_email.id return redirect(url_for("dashboard.index")) - email_suffix = random_string(6) + email_suffix = random_word() return render_template( "dashboard/custom_alias.html", error=error, diff --git a/app/models.py b/app/models.py index 1a597a62..69486f7d 100644 --- a/app/models.py +++ b/app/models.py @@ -13,7 +13,7 @@ from app.config import EMAIL_DOMAIN, MAX_NB_EMAIL_FREE_PLAN, URL, AVATAR_URL_EXP from app.extensions import db from app.log import LOG from app.oauth_models import Scope -from app.utils import convert_to_id, random_string, random_words +from app.utils import convert_to_id, random_string, random_words, random_word class ModelMixin(object): @@ -421,14 +421,13 @@ class GenEmail(db.Model, ModelMixin): if not prefix: raise Exception("alias prefix cannot be empty") - # find the right suffix - found = False - while not found: - suffix = random_string(6) + # find the right suffix - avoid infinite loop by running this at max 1000 times + for i in range(1000): + suffix = random_word() email = f"{prefix}.{suffix}@{EMAIL_DOMAIN}" if not cls.get_by(email=email): - found = True + break return GenEmail.create(user_id=user_id, email=email, custom=True) diff --git a/app/oauth/views/authorize.py b/app/oauth/views/authorize.py index 2602624a..1fd2de4c 100644 --- a/app/oauth/views/authorize.py +++ b/app/oauth/views/authorize.py @@ -1,4 +1,3 @@ -import random from typing import Dict from urllib.parse import urlparse @@ -27,7 +26,7 @@ from app.oauth_models import ( SUPPORTED_OPENID_FLOWS_STR, response_types_to_str, ) -from app.utils import random_string, encode_url, convert_to_id +from app.utils import random_string, encode_url, convert_to_id, random_word @oauth_bp.route("/authorize", methods=["GET", "POST"]) @@ -100,9 +99,11 @@ def authorize(): LOG.debug("user %s has already allowed client %s", current_user, client) user_info = client_user.get_user_info() else: - suggested_email, other_emails = current_user.suggested_emails(client.name) + suggested_email, other_emails = current_user.suggested_emails( + client.name + ) suggested_name, other_names = current_user.suggested_names() - email_suffix = random_string(6) + email_suffix = random_word() return render_template( "oauth/authorize.html", diff --git a/app/utils.py b/app/utils.py index f1212c26..33a2703d 100644 --- a/app/utils.py +++ b/app/utils.py @@ -12,6 +12,10 @@ with open(WORDS_FILE_PATH) as f: _words = f.read().split() +def random_word(): + return random.choice(_words) + + def random_words(): """Generate a random words. Used to generate user-facing string, for ex email addresses""" nb_words = random.randint(2, 3)