taiga
/
taiga-back
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #1062 from migonzalvar/increase-token-entropy 

Increase entropy of tokens used for authentication
remotes/origin/release/3.1.1
Alejandro 2018-02-12 12:11:49 +01:00 committed by GitHub
parent cf2abe1d2f 5fbcbfb68c
commit b7c095525a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
taiga/users/api.py
View File

@ -134,7 +134,7 @@ class UsersViewSet(ModelCrudViewSet):
raise exc.WrongArguments(_("Not valid email"))
# We need to generate a token for the email
request.user.email_token = str(uuid.uuid1())
request.user.email_token = str(uuid.uuid4())
request.user.new_email = new_email
request.user.save(update_fields=["email_token", "new_email"])
email = mail_builder.change_email(
@ -172,7 +172,7 @@ class UsersViewSet(ModelCrudViewSet):
raise exc.WrongArguments(_("Invalid username or email"))
user = get_user_by_username_or_email(username_or_email)
user.token = str(uuid.uuid1())
user.token = str(uuid.uuid4())
user.save(update_fields=["token"])
email = mail_builder.password_recovery(user, {"user": user})