Merge pull request #1868 from basecamp/use-cryptographically-secure-randomness-for-magic-link-code-generation
Use cryptographically secure randomness for Magic Link code generation
This commit is contained in:
@@ -4,7 +4,7 @@ module MagicLink::Code
|
||||
|
||||
class << self
|
||||
def generate(length)
|
||||
length.times.map { CODE_ALPHABET.sample }.join
|
||||
Array.new(length) { CODE_ALPHABET[SecureRandom.random_number(CODE_ALPHABET.length)] }.join
|
||||
end
|
||||
|
||||
def sanitize(code)
|
||||
|
||||
Reference in New Issue
Block a user