ag-admin/OpenSlides
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Change PW generation to a secure method

Browse Source
This commit is contained in:
Finn Stutzenstein 2021-01-05 07:42:19 +01:00
parent ea277adf9e
commit 183c511046
No known key found for this signature in database
GPG Key ID: 9042F605C6324654
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
client/src/app/core/repositories/users/user-repository.service.ts
View File

@ -181,9 +181,11 @@ export class UserRepositoryService extends BaseRepository<ViewUser, User, UserTi
*/ */
public getRandomPassword(length: number = 10): string { public getRandomPassword(length: number = 10): string {
let pw = ''; let pw = '';
const array = new Uint8Array(length);
window.crypto.getRandomValues(array);
const characters = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789'; const characters = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789';
for (let i = 0; i < length; i++) { for (let i = 0; i < length; i++) {
pw += characters.charAt(Math.floor(Math.random() * characters.length)); pw += characters.charAt(array[i] % characters.length);
} }
return pw; return pw;
} }