From 22ef0248852667999e4c71fdf2aba76d2360b96f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C4=93teris=20Caune?= Date: Mon, 2 Mar 2020 10:04:41 +0200 Subject: [PATCH] Use secrets.token_urlsafe --- hc/accounts/models.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/hc/accounts/models.py b/hc/accounts/models.py index ed42dfe7..ce3c71a5 100644 --- a/hc/accounts/models.py +++ b/hc/accounts/models.py @@ -1,6 +1,5 @@ -from base64 import urlsafe_b64encode from datetime import timedelta -import os +from secrets import token_urlsafe import uuid from django.conf import settings @@ -76,7 +75,7 @@ class Profile(models.Model): return settings.SITE_ROOT + path def prepare_token(self, salt): - token = urlsafe_b64encode(os.urandom(24)).decode() + token = token_urlsafe(24) self.token = make_password(token, salt) self.save() return token @@ -240,8 +239,8 @@ class Project(models.Model): return self.owner_profile.check_limit - num_used def set_api_keys(self): - self.api_key = urlsafe_b64encode(os.urandom(24)).decode() - self.api_key_readonly = urlsafe_b64encode(os.urandom(24)).decode() + self.api_key = token_urlsafe(nbytes=24) + self.api_key_readonly = token_urlsafe(nbytes=24) self.save() def team(self):