mirror of
https://github.com/unisonweb/unison.git
synced 2024-09-20 06:47:15 +03:00
Use random token rather than NanoID
This commit is contained in:
parent
745660d972
commit
a7f234a558
@ -16,6 +16,7 @@ dependencies:
|
||||
- bytes
|
||||
- bytestring
|
||||
- containers
|
||||
- cryptonite
|
||||
- Diff
|
||||
- directory
|
||||
- errors
|
||||
|
@ -10,7 +10,9 @@ import Control.Concurrent.Async (race)
|
||||
import Control.Exception (ErrorCall (..), throwIO)
|
||||
import Control.Monad.Reader
|
||||
import Control.Monad.Trans.Except
|
||||
import Crypto.Random qualified as Crypto
|
||||
import Data.Aeson ()
|
||||
import Data.ByteArray.Encoding qualified as BE
|
||||
import Data.ByteString qualified as Strict
|
||||
import Data.ByteString.Char8 (unpack)
|
||||
import Data.ByteString.Char8 qualified as C8
|
||||
@ -82,7 +84,6 @@ import System.Directory (canonicalizePath, doesFileExist)
|
||||
import System.Environment (getExecutablePath)
|
||||
import System.FilePath ((</>))
|
||||
import System.FilePath qualified as FilePath
|
||||
import System.Random.MWC (createSystemRandom)
|
||||
import U.Codebase.HashTags (CausalHash)
|
||||
import Unison.Codebase (Codebase)
|
||||
import Unison.Codebase qualified as Codebase
|
||||
@ -406,9 +407,18 @@ app env rt codebase uiPath expectedToken allowCorsHost =
|
||||
|
||||
-- | The Token is used to help prevent multiple users on a machine gain access to
|
||||
-- each others codebases.
|
||||
--
|
||||
-- Generate a cryptographically secure random token.
|
||||
-- https://neilmadden.blog/2018/08/30/moving-away-from-uuids/
|
||||
--
|
||||
-- E.g.
|
||||
-- >>> genToken
|
||||
-- "uxf85C7Y0B6om47"
|
||||
genToken :: IO Strict.ByteString
|
||||
genToken = do
|
||||
BSC.pack . UUID.toString <$> UUID.nextRandom
|
||||
BE.convertToBase @ByteString BE.Base64URLUnpadded <$> Crypto.getRandomBytes numRandomBytes
|
||||
where
|
||||
numRandomBytes = 10
|
||||
|
||||
data Waiter a = Waiter
|
||||
{ notify :: a -> IO (),
|
||||
|
@ -91,6 +91,7 @@ library
|
||||
, bytes
|
||||
, bytestring
|
||||
, containers
|
||||
, cryptonite
|
||||
, directory
|
||||
, errors
|
||||
, extra
|
||||
|
Loading…
Reference in New Issue
Block a user