Use ActiveSupport::SecureRandom to generate tokens (#3351).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2740 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2009-05-13 16:54:32 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2009-05-13 16:54:32 +0000
commit: 3e523839887fd1ffc12b5dd4a49e8992463a4cc6 (patch)
tree: d2172e94602dc611c2d105b91d1eefe40067c572 /app
parent: e5ed2b0f73f3a7ac1f87eb3a78878d0be892dbae (diff)
download: redmine-3e523839887fd1ffc12b5dd4a49e8992463a4cc6.tar.gz
redmine-3e523839887fd1ffc12b5dd4a49e8992463a4cc6.zip
1 files changed, 1 insertions, 4 deletions
diff --git a/app/models/token.rb b/app/models/token.rb
index 0e8c2c3e2..54e251a40 100644
--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -36,9 +36,6 @@ class Token < ActiveRecord::Base
   
 private
   def self.generate_token_value
-    chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
-    token_value = ''
-    40.times { |i| token_value << chars[rand(chars.size-1)] }
-    token_value
+    ActiveSupport::SecureRandom.hex(20)
   end
 end
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2009-05-13 16:54:32 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2009-05-13 16:54:32 +0000
commit	3e523839887fd1ffc12b5dd4a49e8992463a4cc6 (patch)
tree	d2172e94602dc611c2d105b91d1eefe40067c572 /app
parent	e5ed2b0f73f3a7ac1f87eb3a78878d0be892dbae (diff)
download	redmine-3e523839887fd1ffc12b5dd4a49e8992463a4cc6.tar.gz redmine-3e523839887fd1ffc12b5dd4a49e8992463a4cc6.zip