sim1222/nca10.net
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

トークン系の乱数ソースではcryptoを使うように (#6200)

Browse Source
This commit is contained in:
MeiMei
2020-03-29 23:16:36 +09:00
committed by GitHub
parent e2183400e5
commit 244ef0cb8f
5 changed files with 29 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/server/api/endpoints/app/create.ts
View File

@ -1,9 +1,9 @@
import rndstr from 'rndstr';
import $ from 'cafy';
import define from '../../define';
import { Apps } from '../../../../models';
import { genId } from '../../../../misc/gen-id';
import { unique } from '../../../../prelude/array';
import { secureRndstr } from '../../../../misc/secure-rndstr';
export const meta = {
tags: ['app'],
@ -60,7 +60,7 @@ export const meta = {
export default define(meta, async (ps, user) => {
// Generate secret
const secret = rndstr('a-zA-Z0-9', 32);
const secret = secureRndstr(32, true);
// for backward compatibility
const permission = unique(ps.permission.map(v => v.replace(/^(.+)(\/|-)(read|write)$/, '$3:$1')));