Mirror
/
app-MAIL-temp
mirror of https://github.com/simple-login/app.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use secrets instead of random

This commit is contained in:
Adrià Casajús 2022-03-29 18:40:52 +02:00
parent b0023981af
commit b15facb6e4
No known key found for this signature in database
GPG Key ID: F0033226A5AFC9B9
2 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/api/views/auth.py
View File

@ -1,4 +1,5 @@
import random
import secrets
import string
import facebook
import google.oauth2.credentials
@ -102,7 +103,7 @@ def auth_register():
Session.flush()
# create activation code
code = "".join([str(random.randint(0, 9)) for _ in range(6)])
code = "".join([str(secrets.choice(string.digits)) for _ in range(6)])
AccountActivation.create(user_id=user.id, code=code)
Session.commit()
@ -194,7 +195,7 @@ def auth_reactivate():
Session.commit()
# create activation code
code = "".join([str(random.randint(0, 9)) for _ in range(6)])
code = "".join([str(secrets.choice(string.digits)) for _ in range(6)])
AccountActivation.create(user_id=user.id, code=code)
Session.commit()

5
app/utils.py
View File

@ -1,4 +1,5 @@
import random
import secrets
import string
import time
import urllib.parse
@ -27,7 +28,7 @@ def random_words():
"""Generate a random words. Used to generate user-facing string, for ex email addresses"""
# nb_words = random.randint(2, 3)
nb_words = 2
return "_".join([random.choice(_words) for i in range(nb_words)])
return "_".join([secrets.choice(_words) for i in range(nb_words)])
def random_string(length=10, include_digits=False):
@ -36,7 +37,7 @@ def random_string(length=10, include_digits=False):
if include_digits:
letters += string.digits
return "".join(random.choice(letters) for _ in range(length))
return "".join(secrets.choice(letters) for _ in range(length))
def convert_to_id(s: str):