Skip to content
This repository
Browse code

Use SecureRandom's uuid generation for api key/secret.

  • Loading branch information...
commit f64dd2a21c8d2d40e17f3513712c2006cb784ba1 1 parent 2f531cd
Caleb Spare authored
6  lib/api.rb
... ...
@@ -1,6 +1,6 @@
1 1
 require "addressable/uri"
2 2
 require "base64"
3  
-require "digest/sha1"
  3
+require "securerandom"
4 4
 require "openssl"
5 5
 require "uri"
6 6
 
@@ -16,9 +16,7 @@ def add_repo(url)
16 16
   end
17 17
 
18 18
   # Generate a random API key or API secret for a user.
19  
-  def self.generate_user_key()
20  
-    Base64.encode64(Digest::SHA1.hexdigest(rand(2**256).to_s)).strip.sub("==", "")
21  
-  end
  19
+  def self.generate_user_key() SecureRandom.uuid.gsub("-", "") end
22 20
 
23 21
   # Generate a signature from a request and a user's api secret. This is used in authenticating an API
24 22
   # request. The user of this method needs to verify that there is a timestamp, that it is correct, check the
2  public/css/settings.scss
@@ -10,7 +10,7 @@
10 10
     }
11 11
   }
12 12
 
13  
-  .key { font: 12px $monoFont; }
  13
+  .key { font: 16px $monoFont; }
14 14
 
15 15
   .gravatarLink {
16 16
     &:active {

0 notes on commit f64dd2a

Please sign in to comment.
Something went wrong with that request. Please try again.