Mercurial > gemma
changeset 322:34ecfd8dc11e
Ensure that build password generator obeys password rules.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Thu, 02 Aug 2018 17:17:31 +0200 |
parents | 974a5e4c0055 |
children | c6b32c6ae95e |
files | controllers/pwreset.go |
diffstat | 1 files changed, 20 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/controllers/pwreset.go Thu Aug 02 16:40:14 2018 +0200 +++ b/controllers/pwreset.go Thu Aug 02 17:17:31 2018 +0200 @@ -163,22 +163,32 @@ func randomString(n int) string { - const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + - "abcdefghijklmnopqrstuvwxyz" + - "0123456789" + - "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" + const ( + special = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" + alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + + "abcdefghijklmnopqrstuvwxyz" + + "0123456789" + + special + ) max := big.NewInt(int64(len(alphabet))) out := make([]byte, n) - for i := range out { - v, err := rand.Int(rand.Reader, max) - if err != nil { - log.Panicf("error: %v\n", err) + for i := 0; i < 1000; i++ { + for i := range out { + v, err := rand.Int(rand.Reader, max) + if err != nil { + log.Panicf("error: %v\n", err) + } + out[i] = alphabet[v.Int64()] } - out[i] = alphabet[v.Int64()] + // Ensure at least one special char. + if bytes.IndexAny(out, special) >= 0 { + return string(out) + } } - + log.Println("warn: Your random generator may be broken.") + out[0] = special[0] return string(out) }