kjanat/livedash-node
1
0
Fork 0
mirror of https://github.com/kjanat/livedash-node.git synced 2026-01-16 13:32:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Potential fix for code scanning alert no. 1: Insecure randomness

Browse Source 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This commit is contained in:
Kaj Kowalski
2025-05-22 07:40:24 +02:00
committed by GitHub
parent 8284326016
commit 7a3ebc30d3
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pages/api/dashboard/users.ts
View File

@ -1,4 +1,5 @@
import { NextApiRequest, NextApiResponse } from "next";
import crypto from "crypto";
import { getServerSession } from "next-auth";
import { prisma } from "../../../lib/prisma";
import bcrypt from "bcryptjs";
@ -43,7 +44,7 @@ export default async function handler(
return res.status(400).json({ error: "Missing fields" });
const exists = await prisma.user.findUnique({ where: { email } });
if (exists) return res.status(409).json({ error: "Email exists" });
const tempPassword = Math.random().toString(36).slice(-8); // random initial password
const tempPassword = crypto.randomBytes(12).toString('base64').slice(0, 12); // secure random initial password
await prisma.user.create({
data: {
email,