commit 5609103a97f44c7dc4aa7269d80f2df30d50e276
parent 6d460b44b0484f7c191a807d8608f958cd1a7a23
Author: vpl <vpl@vpl.me>
Date: Tue, 6 Aug 2019 22:37:23 +0200
Use ring to generate email token
Diffstat:
3 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
@@ -118,7 +118,6 @@ dependencies = [
"oath 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)",
"percent-encoding 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
"quoted_printable 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
"regex 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
"reqwest 0.9.19 (registry+https://github.com/rust-lang/crates.io-index)",
"ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/Cargo.toml b/Cargo.toml
@@ -108,9 +108,6 @@ regex = "1.2.0"
# URL encoding library
percent-encoding = "2.0.0"
-# Random
-rand = "0.7.0"
-
[patch.crates-io]
# Add support for Timestamp type
rmp = { git = 'https://github.com/dani-garcia/msgpack-rust' }
diff --git a/src/api/core/two_factor/email.rs b/src/api/core/two_factor/email.rs
@@ -10,12 +10,14 @@ use crate::db::{
};
use crate::error::Error;
use crate::mail;
+use crate::crypto;
+
use chrono::{Duration, NaiveDateTime, Utc};
-use rand::Rng;
use std::char;
use std::ops::Add;
const MAX_TIME_DIFFERENCE: i64 = 600;
+const TOKEN_LEN: usize = 6;
pub fn routes() -> Vec<Route> {
routes![
@@ -97,13 +99,12 @@ struct SendEmailData {
}
fn generate_token() -> String {
- const TOKEN_LEN: usize = 6;
- let mut rng = rand::thread_rng();
-
- (0..TOKEN_LEN)
- .map(|_| {
- let num = rng.gen_range(0, 9);
- char::from_digit(num, 10).unwrap()
+ crypto::get_random(vec![0; TOKEN_LEN])
+ .iter()
+ .map(|byte| { (byte % 10)})
+ .map(|num| {
+ dbg!(num);
+ char::from_digit(num as u32, 10).unwrap()
})
.collect()
}
@@ -291,4 +292,11 @@ mod tests {
// If it's smaller than 3 characters it should only show asterisks.
assert_eq!(result, "***@example.ext");
}
+
+ #[test]
+ fn test_token() {
+ let result = generate_token();
+
+ assert_eq!(result.chars().count(), 6);
+ }
}