mirror
/
funkwhale
kopia lustrzana https://dev.funkwhale.audio/funkwhale/funkwhale
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

More secure tokens

environments/review-docs-devel-1399dq/deployments/6607
Agate 2020-08-19 19:50:56 +02:00
rodzic f2e5969c44
commit 30f6a77e68
2 zmienionych plików z 4 dodań i 5 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

7
api/funkwhale_api/users/models.py
Wyświetl plik

@ -1,9 +1,7 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from __future__ import absolute_import, unicode_literals from __future__ import absolute_import, unicode_literals
import binascii
import datetime import datetime
import os
import random import random
import string import string
import uuid import uuid
@ -31,8 +29,9 @@ from funkwhale_api.federation import models as federation_models
from funkwhale_api.federation import utils as federation_utils from funkwhale_api.federation import utils as federation_utils
def get_token(length=15): def get_token(length=30):
return binascii.b2a_hex(os.urandom(length)).decode("utf-8") choices = string.ascii_lowercase + string.ascii_uppercase + "0123456789"
return "".join(random.choice(choices) for i in range(length))
PERMISSIONS_CONFIGURATION = { PERMISSIONS_CONFIGURATION = {

2
api/funkwhale_api/users/oauth/views.py
Wyświetl plik

@ -93,7 +93,7 @@ class ApplicationViewSet(
app = self.get_object() app = self.get_object()
if not app.user_id or request.user != app.user: if not app.user_id or request.user != app.user:
return response.Response(status=404) return response.Response(status=404)
app.token = models.get_token(15) app.token = models.get_token()
app.save(update_fields=["token"]) app.save(update_fields=["token"])
serializer = serializers.CreateApplicationSerializer(app) serializer = serializers.CreateApplicationSerializer(app)
return response.Response(serializer.data, status=200) return response.Response(serializer.data, status=200)