aboutsummaryrefslogtreecommitdiff
path: root/tests/integration/test_login.py
diff options
context:
space:
mode:
authorDaniel Schadt <kingdread@gmx.de>2022-07-29 21:26:23 +0200
committerDaniel Schadt <kingdread@gmx.de>2022-07-29 21:26:23 +0200
commit0daae8ac72907101f281e34d773775636d07b059 (patch)
treeadf6b9c745342de1b3d4ba2a276aaecfe436cef1 /tests/integration/test_login.py
parent948dbb6c11f217400cd3842dc13974dc23f121b2 (diff)
downloadfietsboek-0daae8ac72907101f281e34d773775636d07b059.tar.gz
fietsboek-0daae8ac72907101f281e34d773775636d07b059.tar.bz2
fietsboek-0daae8ac72907101f281e34d773775636d07b059.zip
use secrets to safely generate random tokens
The usage of os.urandom was fine to generate a salt, but using secrets here makes sure that the intent is carried across. For the share tokens, using random might be insecure. We should err on the side of caution and use a secure PRNG here, so now we use secrets here as well. For tokens (password reset, ...), UUID4 is probably also fine, so we'll leave that for now.
Diffstat (limited to 'tests/integration/test_login.py')
0 files changed, 0 insertions, 0 deletions