Merge pull request #5791 from FinnStutzenstein/pwGeneration
Change PW generation to a secure method
This commit is contained in:
commit
8542817129
@ -181,9 +181,11 @@ export class UserRepositoryService extends BaseRepository<ViewUser, User, UserTi
|
|||||||
*/
|
*/
|
||||||
public getRandomPassword(length: number = 10): string {
|
public getRandomPassword(length: number = 10): string {
|
||||||
let pw = '';
|
let pw = '';
|
||||||
|
const array = new Uint8Array(length);
|
||||||
|
window.crypto.getRandomValues(array);
|
||||||
const characters = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789';
|
const characters = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789';
|
||||||
for (let i = 0; i < length; i++) {
|
for (let i = 0; i < length; i++) {
|
||||||
pw += characters.charAt(Math.floor(Math.random() * characters.length));
|
pw += characters.charAt(array[i] % characters.length);
|
||||||
}
|
}
|
||||||
return pw;
|
return pw;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user