alteropen/jellyfin
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2026-03-23 02:27:17 +00:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Merge pull request #6676 from Bond-009/rng

Browse Source 
Use static crypto rng
This commit is contained in:
Claus Vium
2021-10-09 08:11:22 +02:00
committed by GitHub
parent b16e6621b3 3b492d4af8
commit 1bfe6342df
2 changed files with 9 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Jellyfin.Server.Implementations/Users/DefaultPasswordResetProvider.cs
View File

@@ -93,13 +93,9 @@ namespace Jellyfin.Server.Implementations.Users
/// <inheritdoc />
public async Task<ForgotPasswordResult> StartForgotPasswordProcess(User user, bool isInNetwork)
{
string pin;
using (var cryptoRandom = RandomNumberGenerator.Create())
{
byte[] bytes = new byte[4];
cryptoRandom.GetBytes(bytes);
pin = BitConverter.ToString(bytes);
}
byte[] bytes = new byte[4];
RandomNumberGenerator.Fill(bytes);
string pin = BitConverter.ToString(bytes);
DateTime expireTime = DateTime.UtcNow.AddMinutes(30);
string filePath = _passwordResetFileBase + user.Id + ".json";
@@ -114,7 +110,6 @@ namespace Jellyfin.Server.Implementations.Users
await using (FileStream fileStream = AsyncFile.OpenWrite(filePath))
{
await JsonSerializer.SerializeAsync(fileStream, spr).ConfigureAwait(false);
await fileStream.FlushAsync().ConfigureAwait(false);
}
user.EasyPassword = pin;