Update password generation to cover whole alphabet and have 16 instead of 12 chars

New format: XXXX-XXXX-XXXX-XXXX
Which is longer, more annoying, but harder to have collision

2 files changed, 7 insertions, 2 deletions

diff --git a/sql.py b/sql.py
index 0f79033..f6bd6da 100644
--- a/sql.py
+++ b/sql.py
@@ -265,7 +265,8 @@ def clobber_email(userid, oldmail, newmail):
 def add_player(xmail):
     # TODO: Generate password using the whole alphabet.
     # The original string have 32 letters and we're using only 12
-    passwd=uuid.uuid4().hex[:12].upper()
+    # Since 28-07-2022 we're using 16 letters from all alphabet
+    passwd=utils.create_password(16)
 
 
     w = db.cursor()
diff --git a/utils.py b/utils.py
index 447eef9..c4cfb37 100644
--- a/utils.py
+++ b/utils.py
@@ -18,7 +18,7 @@
 #################################################################################
 # Util Module, forcefully inheirted by all modules
 
-import time, hashlib, datetime, uuid
+import time, hashlib, datetime, uuid, string, secrets
 import json, zlib, base64
 
 # Set server debug level
@@ -50,6 +50,10 @@ def md5salt(string):
 def create_token():
     return uuid.uuid4().hex
 
+def create_password(size=32):
+    alphabet = string.ascii_uppercase + string.digits
+    return ''.join(secrets.choice(alphabet) for i in range(size))
+
 def now():
     return int(time.time())