Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Use rand.Reader directly instead of relying upon uuid
uuid did some bit manipulation so actually only guaranteed 122 bits of random data. This change gets us the full 128 bits.
  • Loading branch information
brycekahle committed Jul 25, 2017
1 parent 30b564f commit a637776
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions crypto/crypto.go
@@ -1,16 +1,19 @@
package crypto

import (
"crypto/rand"
"encoding/base64"
"io"
"strings"

"github.com/pborman/uuid"
)

// SecureToken creates a new random token
func SecureToken() string {
token := uuid.NewRandom()
return removePadding(base64.URLEncoding.EncodeToString([]byte(token)))
b := make([]byte, 16)
if _, err := io.ReadFull(rand.Reader, b); err != nil {
panic(err.Error()) // rand should never fail
}
return removePadding(base64.URLEncoding.EncodeToString(b))
}

func removePadding(token string) string {
Expand Down

0 comments on commit a637776

Please sign in to comment.