[Python-checkins] import secrets module in secrets recipes (#6705)

stevendaprano webhook-mailer at python.org
Sat May 19 11:02:00 EDT 2018 

https://github.com/python/cpython/commit/cf8abcbe0310ab4b3eb8b66ae795878b9df1a8ac
commit: cf8abcbe0310ab4b3eb8b66ae795878b9df1a8ac
branch: master
author: Daniel Chimeno <daniel at chimeno.me>
committer: stevendaprano <steve+python at pearwood.info>
date: 2018-05-20T01:01:49+10:00
summary:

import secrets module in secrets recipes (#6705)

files:
M Doc/library/secrets.rst

diff --git a/Doc/library/secrets.rst b/Doc/library/secrets.rst
index 28ce472c7e7e..bc4766da2785 100644
--- a/Doc/library/secrets.rst
+++ b/Doc/library/secrets.rst
@@ -145,8 +145,9 @@ Generate an eight-character alphanumeric password:
 .. testcode::
 
    import string
+   import secrets
    alphabet = string.ascii_letters + string.digits
-   password = ''.join(choice(alphabet) for i in range(8))
+   password = ''.join(secrets.choice(alphabet) for i in range(8))
 
 
 .. note::
@@ -164,9 +165,10 @@ three digits:
 .. testcode::
 
    import string
+   import secrets
    alphabet = string.ascii_letters + string.digits
    while True:
-       password = ''.join(choice(alphabet) for i in range(10))
+       password = ''.join(secrets.choice(alphabet) for i in range(10))
        if (any(c.islower() for c in password)
                and any(c.isupper() for c in password)
                and sum(c.isdigit() for c in password) >= 3):
@@ -177,11 +179,12 @@ Generate an `XKCD-style passphrase <https://xkcd.com/936/>`_:
 
 .. testcode::
 
+   import secrets
    # On standard Linux systems, use a convenient dictionary file.
    # Other platforms may need to provide their own word-list.
    with open('/usr/share/dict/words') as f:
        words = [word.strip() for word in f]
-       password = ' '.join(choice(words) for i in range(4))
+       password = ' '.join(secrets.choice(words) for i in range(4))
 
 
 Generate a hard-to-guess temporary URL containing a security token
@@ -189,7 +192,8 @@ suitable for password recovery applications:
 
 .. testcode::
 
-   url = 'https://mydomain.com/reset=' + token_urlsafe()
+   import secrets
+   url = 'https://mydomain.com/reset=' + secrets.token_urlsafe()

More information about the Python-checkins mailing list