Merge pull request #1868 from basecamp/use-cryptographically-secure-randomness-for-magic-link-code-generation

Use cryptographically secure randomness for Magic Link code generation
This commit is contained in:
Stanko Krtalić
2025-12-03 20:21:52 +01:00
committed by GitHub
+1 -1
View File
@@ -4,7 +4,7 @@ module MagicLink::Code
class << self
def generate(length)
length.times.map { CODE_ALPHABET.sample }.join
Array.new(length) { CODE_ALPHABET[SecureRandom.random_number(CODE_ALPHABET.length)] }.join
end
def sanitize(code)