jandres/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-01-08 07:14:14 +00:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity

chore: replace pseudo-random generators with secrets module (#20616)

Browse Source
This commit is contained in:
Bowen Liang
2025-06-06 10:48:28 +08:00
committed by GitHub
parent 4f0c9fdf2b
commit c1a13fa553
8 changed files with 17 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/services/webapp_auth_service.py
View File

@@ -1,4 +1,4 @@
import random
import secrets
from datetime import UTC, datetime, timedelta
from typing import Any, Optional, cast
@@ -66,7 +66,7 @@ class WebAppAuthService:
if email is None:
raise ValueError("Email must be provided.")
code = "".join([str(random.randint(0, 9)) for _ in range(6)])
code = "".join([str(secrets.randbelow(exclusive_upper_bound=10)) for _ in range(6)])
token = TokenManager.generate_token(
account=account, email=email, token_type="webapp_email_code_login", additional_data={"code": code}
)