use ActiveSupport::SecureRandom when generating random tokens

Change-Id: Ibc8f0e0d15c824ba32c249a8c4d0f706fc2e02b7 Reviewed-on: https://gerrit.instructure.com/4696 Reviewed-by: Brian Palmer <brianp@instructure.com> Tested-by: Hudson <hudson@instructure.com>
2011-07-15 14:56:34 -06:00 · 2011-07-15 14:56:34 -06:00 · 319f023463
parent 1bcae47f1e
commit 319f023463
1 changed files with 8 additions and 19 deletions
--- a/lib/auto_handle.rb
+++ b/lib/auto_handle.rb
@ -20,27 +20,16 @@

 class AutoHandle
  class << self
-    def chars
-      return @chars if @chars
-      @chars = (65..90).map { |x| x.chr }
-      @chars << (48..57).map { |x| x.chr }
-      @chars << (97..122).map { |x| x.chr }
-      @chars.flatten!
+    CHARS = ('0'..'9').to_a + ('a'..'z').to_a + ('A'..'Z').to_a
+    def generate_securish_uuid(length = 40)
+      Array.new(length) { CHARS[ActiveSupport::SecureRandom.random_number(CHARS.length)] }.join
    end
-  
-    def rand_char
-      chars[rand(chars.size)]
-    end
-
-    def generate(purpose=nil, n=4)
-      slug = purpose + '-' if purpose
-      slug ||= ''
-      n.times { slug << rand_char }
+    
+    def generate(purpose = nil, length = 4)
+      slug = ''
+      slug << purpose << '-' if purpose
+      slug << generate_securish_uuid(length)
      slug
    end
-
-    def generate_securish_uuid
-      Canvas::Security.hmac_sha1("#{UUIDSingleton.instance.generate}#{AutoHandle.generate(nil, 20)}")
-    end
  end
 end