From cf8abcbe0310ab4b3eb8b66ae795878b9df1a8ac Mon Sep 17 00:00:00 2001 From: Daniel Chimeno Date: Sat, 19 May 2018 17:01:49 +0200 Subject: import secrets module in secrets recipes (#6705) --- Doc/library/secrets.rst | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Doc/library/secrets.rst b/Doc/library/secrets.rst index 28ce472..bc4766d 100644 --- a/Doc/library/secrets.rst +++ b/Doc/library/secrets.rst @@ -145,8 +145,9 @@ Generate an eight-character alphanumeric password: .. testcode:: import string + import secrets alphabet = string.ascii_letters + string.digits - password = ''.join(choice(alphabet) for i in range(8)) + password = ''.join(secrets.choice(alphabet) for i in range(8)) .. note:: @@ -164,9 +165,10 @@ three digits: .. testcode:: import string + import secrets alphabet = string.ascii_letters + string.digits while True: - password = ''.join(choice(alphabet) for i in range(10)) + password = ''.join(secrets.choice(alphabet) for i in range(10)) if (any(c.islower() for c in password) and any(c.isupper() for c in password) and sum(c.isdigit() for c in password) >= 3): @@ -177,11 +179,12 @@ Generate an `XKCD-style passphrase `_: .. testcode:: + import secrets # On standard Linux systems, use a convenient dictionary file. # Other platforms may need to provide their own word-list. with open('/usr/share/dict/words') as f: words = [word.strip() for word in f] - password = ' '.join(choice(words) for i in range(4)) + password = ' '.join(secrets.choice(words) for i in range(4)) Generate a hard-to-guess temporary URL containing a security token @@ -189,7 +192,8 @@ suitable for password recovery applications: .. testcode:: - url = 'https://mydomain.com/reset=' + token_urlsafe() + import secrets + url = 'https://mydomain.com/reset=' + secrets.token_urlsafe() -- cgit v0.12