Merge pull request #5822 from mdickopp/mdickopp/pwGeneration

Improve client-side password generation

client/src/app/core/repositories/users/user-repository.service.ts

@@ -181,11 +181,21 @@ export class UserRepositoryService extends BaseRepository<ViewUser, User, UserTi
      */
     public getRandomPassword(length: number = 10): string {
         let pw = '';
-        const array = new Uint8Array(length);
-        window.crypto.getRandomValues(array);
         const characters = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789';
-        for (let i = 0; i < length; i++) {
+        // set charactersLengthPower2 to characters.length rounded up to the next power of two
-            pw += characters.charAt(array[i] % characters.length);
+        let charactersLengthPower2 = 1;
+        while (characters.length > charactersLengthPower2) {
+            charactersLengthPower2 *= 2;
+        }
+        while (pw.length < length) {
+            const random = new Uint8Array(length - pw.length);
+            window.crypto.getRandomValues(random);
+            for (let i = 0; i < random.length; i++) {
+                const r = random[i] % charactersLengthPower2;
+                if (r < characters.length) {
+                    pw += characters.charAt(r);
+                }
+            }
         }
         return pw;
     }