From 3e523839887fd1ffc12b5dd4a49e8992463a4cc6 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Wed, 13 May 2009 16:54:32 +0000 Subject: [PATCH] Use ActiveSupport::SecureRandom to generate tokens (#3351). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2740 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/models/token.rb | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/app/models/token.rb b/app/models/token.rb index 0e8c2c3e2..54e251a40 100644 --- a/app/models/token.rb +++ b/app/models/token.rb @@ -36,9 +36,6 @@ class Token < ActiveRecord::Base private def self.generate_token_value - chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a - token_value = '' - 40.times { |i| token_value << chars[rand(chars.size-1)] } - token_value + ActiveSupport::SecureRandom.hex(20) end end