tangled.org / core
this repo has no description
fork atom

appview: use actual secrets

Anirudh Oppiliappan ea1b8530 6a3761d7

options
unified split
Changed files
+9 -3
appview
db
registration.go
+9 -3
appview/db/registration.go
··· 1 1 package db 2 2 3 3 import ( 4 + "crypto/rand" 4 5 "database/sql" 6 + "encoding/hex" 5 7 "fmt" 6 8 "log" 7 9 "time" 8 - 9 - "github.com/google/uuid" 10 10 ) 11 11 12 12 type Registration struct { ··· 101 101 return &registration, nil 102 102 } 103 103 104 + func genSecret() string { 105 + key := make([]byte, 32) 106 + rand.Read(key) 107 + return hex.EncodeToString(key) 108 + } 109 + 104 110 func (d *DB) GenerateRegistrationKey(domain, did string) (string, error) { 105 111 // sanity check: does this domain already have a registration? 106 112 reg, err := d.RegistrationByDomain(domain) ··· 120 126 } 121 127 } 122 128 123 - secret := uuid.New().String() 129 + secret := genSecret() 124 130 125 131 _, err = d.db.Exec(` 126 132 insert into registrations (domain, did, secret)