harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

fix(token): update token generation to use rand::rng() to resolve deprecation warnings

Browse source
This commit is contained in:
Mike Boensel 2026-02-18 02:11:51 -05:00
parent 42bf05df47
commit 0166f2d4de
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/security/pairing.rs
View file

@ -176,14 +176,14 @@ fn generate_code() -> String {
/// Generate a cryptographically-adequate bearer token with 256-bit entropy.
///
/// Uses `rand::thread_rng()` which is backed by the OS CSPRNG
/// Uses `rand::rng()` which is backed by the OS CSPRNG
/// (/dev/urandom on Linux, BCryptGenRandom on Windows, SecRandomCopyBytes
/// on macOS). The 32 random bytes (256 bits) are hex-encoded for a
/// 64-character token, providing 256 bits of entropy.
fn generate_token() -> String {
use rand::RngCore;
let mut bytes = [0u8; 32];
rand::thread_rng().fill_bytes(&mut bytes);
rand::rng().fill_bytes(&mut bytes);
format!("zc_{}", hex::encode(bytes))
}