From d3bc71b161f6f0f4edcbb2047d8c63a575dc441e Mon Sep 17 00:00:00 2001
From: 0xA <43623870+zylideum@users.noreply.github.com>
Date: Sun, 8 Sep 2024 14:01:22 -0700
Subject: [PATCH 1/2] Refactored first-time password generation
---
 extra/management/commands/initadmin.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/extra/management/commands/initadmin.py b/extra/management/commands/initadmin.py
index 60ee977..6017fb4 100644
--- a/extra/management/commands/initadmin.py
+++ b/extra/management/commands/initadmin.py
@@ -3,15 +3,22 @@
 # from django.conf import settings
 import os
+import string
+import secrets
 class Command(BaseCommand):
 def handle(self, *args, **options):
 if User.objects.count() == 0:
 username = os.getenv("ADMIN_USERNAME")
 email = os.getenv("ADMIN_EMAIL")
- password = User.objects.make_random_password()
+ password = self.generate_initial_password()
 print('Creating account for %s (%s)' % (username, email))
 admin = User.objects.create_superuser(email=email, username=username, password=password)
 admin.is_active = True
 admin.is_admin = True
 admin.save()
+
+ # from https://docs.python.org/3/library/secrets.html#recipes-and-best-practices
+ def generate_initial_password(self):
+ alpha = string.ascii_letters + string.digits
+ password = ''.join(secrets.choice(alpha) for i in range(16))
From f6cdecae03a11019d54fcaf81bfe52a1eac078de Mon Sep 17 00:00:00 2001
From: 0xA <43623870+zylideum@users.noreply.github.com>
Date: Sun, 8 Sep 2024 14:02:41 -0700
Subject: [PATCH 2/2] Fixed return
---
 extra/management/commands/initadmin.py | 1 +
 1 file changed, 1 insertion(+)
diff --git a/extra/management/commands/initadmin.py b/extra/management/commands/initadmin.py
index 6017fb4..b387df6 100644
--- a/extra/management/commands/initadmin.py
+++ b/extra/management/commands/initadmin.py
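Review bot: In the `@@ -3,15 +3,22 @@` hunk of PATCH 1/2, `handle()` passes the result of `self.generate_initial_password()` to `create_superuser` and, in the lines shown, never displays or stores it, so the first admin presumably has to go through a password reset or `changepassword` before signing in. That was already the case with `make_random_password()`, but a comment on the assignment would keep a later maintainer from printing the secret into deployment logs, for example `# never printed or logged: set a real password via reset/changepassword`. In the helper the length is a bare `16` and the loop variable is unused; `for _ in range(INITIAL_PASSWORD_LENGTH)` with a module-level constant would make the roughly 95 bits (16 characters from 62 symbols) a stated choice. `ADMIN_USERNAME` and `ADMIN_EMAIL` are read with `os.getenv` and are not checked for `None` before the account is created.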
@@ -22,3 +22,4 @@ def handle(self, *args, **options):
 def generate_initial_password(self):
 alpha = string.ascii_letters + string.digits
 password = ''.join(secrets.choice(alpha) for i in range(16))
+ return password
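Review bot: `generate_initial_password` is complete within this hunk and has no docstring saying what it guarantees; something like `"""Return a 16-character alphanumeric password drawn with secrets.choice."""` under the `def` would record that the value comes from the OS CSPRNG rather than from `random`. The temporary is not needed either: `return ''.join(secrets.choice(alpha) for _ in range(16))` would replace the last two lines.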