db: increase email verification token length and also allow lowercase characters
Implements https://github.com/pellaeon/registration/issues/179. Following the birthday paradoxon there were token collisions with a probability of 50% with ~55.000 open registrations: https://play.golang.org/p/zVLvfc2VfSI
This commit is contained in:
Leon Klingele
Pellaeon Lin
parent
a77f07f019
commit
8d05f77e9c
|
|
@ -85,7 +85,7 @@ class RegistrationMapper extends Mapper {
|
|||
* @param Registration $registration
|
||||
*/
|
||||
public function generateNewToken(Registration &$registration) {
|
||||
$token = $this->random->generate(6, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS);
|
||||
$token = $this->random->generate(10, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
|
||||
$registration->setToken($token);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue