mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-14 05:41:27 +01:00
aa23f477b7
- Switch to use `CryptoRandomBytes` instead of `CryptoRandomString`, OAuth's secrets are copied pasted and don't need to avoid dubious characters etc. - `CryptoRandomBytes` gives ![2^256 = 1.15 * 10^77](https://render.githubusercontent.com/render/math?math=2^256%20=%201.15%20\cdot%2010^77) `CryptoRandomString` gives ![62^44 = 7.33 * 10^78](https://render.githubusercontent.com/render/math?math=62^44%20=%207.33%20\cdot%2010^78) possible states. - Add a prefix, such that code scanners can easily grep these in source code. - 32 Bytes + prefix |
||
---|---|---|
.. | ||
main_test.go | ||
oauth2.go | ||
oauth2_test.go | ||
session.go | ||
source.go | ||
source_test.go | ||
twofactor.go | ||
webauthn.go | ||
webauthn_test.go |