CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Use get_random_string everywhere (#210)

Browse Source 
Django's get_random_string tries really hard to either use sysrandom or
be otherwise as unpredictable as possible. Thanks to David Gullasch for
pointing out both the problem and the solution.
This commit is contained in:
Tobias Kunze
2016-08-29 19:10:01 +02:00
committed by Raphael Michel
parent e440782545
commit 4a02ed566f
4 changed files with 10 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/pretix/base/models/invoices.py
View File

@@ -1,15 +1,15 @@
import random
import string
from datetime import date
from decimal import Decimal
from django.db import DatabaseError, models
from django.db.models import Max
from django.utils.crypto import get_random_string
from django.utils.functional import cached_property
def invoice_filename(instance, filename: str) -> str:
secret = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(16))
secret = get_random_string(length=16, allowed_chars=string.ascii_letters + string.digits)
return 'invoices/{org}/{ev}/{no}-{code}-{secret}.pdf'.format(
org=instance.event.organizer.slug, ev=instance.event.slug,
no=instance.number, code=instance.order.code, secret=secret