Replaced "random.randint" with "secrets.randbelow" in the "new_pk" function.

2022-12-05 19:40:12 +08:00
parent 607b5be9c0
commit f6f83fe323
1 changed files with 2 additions and 2 deletions
--- a/src/mia_core/utils.py
+++ b/src/mia_core/utils.py
@@ -19,8 +19,8 @@

 """
 import datetime
-import random
 import urllib.parse
+from secrets import randbelow
 from typing import Dict, List, Any, Type, Optional

 from django.conf import settings
@@ -40,7 +40,7 @@ def new_pk(cls: Type[Model]) -> int:
         The new random ID.
    """
    while True:
-        pk = random.randint(100000000, 999999999)
+        pk = 100000000 + randbelow(900000000)
        try:
            cls.objects.get(pk=pk)
        except cls.DoesNotExist: