diff --git a/internal/crypto/crypto.go b/internal/crypto/crypto.go index c99beeb8..329c86e7 100644 --- a/internal/crypto/crypto.go +++ b/internal/crypto/crypto.go @@ -8,7 +8,6 @@ import ( "crypto/rand" "crypto/sha256" "crypto/subtle" - "encoding/base64" "encoding/hex" "fmt" @@ -28,18 +27,10 @@ func Hash(value string) string { // GenerateRandomBytes returns random bytes. func GenerateRandomBytes(size int) []byte { b := make([]byte, size) - if _, err := rand.Read(b); err != nil { - panic(err) - } - + rand.Read(b) return b } -// GenerateRandomString returns a random string. -func GenerateRandomString(size int) string { - return base64.URLEncoding.EncodeToString(GenerateRandomBytes(size)) -} - // GenerateRandomStringHex returns a random hexadecimal string. func GenerateRandomStringHex(size int) string { return hex.EncodeToString(GenerateRandomBytes(size)) diff --git a/internal/storage/session.go b/internal/storage/session.go index acb60e34..38270d6c 100644 --- a/internal/storage/session.go +++ b/internal/storage/session.go @@ -4,10 +4,10 @@ package storage // import "miniflux.app/v2/internal/storage" import ( + "crypto/rand" "database/sql" "fmt" - "miniflux.app/v2/internal/crypto" "miniflux.app/v2/internal/model" ) @@ -19,9 +19,9 @@ func (s *Storage) CreateAppSessionWithUserPrefs(userID int64) (*model.Session, e } session := model.Session{ - ID: crypto.GenerateRandomString(32), + ID: rand.Text(), Data: &model.SessionData{ - CSRF: crypto.GenerateRandomString(64), + CSRF: rand.Text(), Theme: user.Theme, Language: user.Language, }, @@ -33,9 +33,9 @@ func (s *Storage) CreateAppSessionWithUserPrefs(userID int64) (*model.Session, e // CreateAppSession creates a new application session. func (s *Storage) CreateAppSession() (*model.Session, error) { session := model.Session{ - ID: crypto.GenerateRandomString(32), + ID: rand.Text(), Data: &model.SessionData{ - CSRF: crypto.GenerateRandomString(64), + CSRF: rand.Text(), }, } diff --git a/internal/storage/user_session.go b/internal/storage/user_session.go index 3661d852..a16f8b8d 100644 --- a/internal/storage/user_session.go +++ b/internal/storage/user_session.go @@ -4,10 +4,10 @@ package storage // import "miniflux.app/v2/internal/storage" import ( + "crypto/rand" "database/sql" "fmt" - "miniflux.app/v2/internal/crypto" "miniflux.app/v2/internal/model" ) @@ -56,7 +56,7 @@ func (s *Storage) UserSessions(userID int64) (model.UserSessions, error) { // CreateUserSessionFromUsername creates a new user session. func (s *Storage) CreateUserSessionFromUsername(username, userAgent, ip string) (sessionID string, userID int64, err error) { - token := crypto.GenerateRandomString(64) + token := rand.Text() tx, err := s.db.Begin() if err != nil {