[Python-checkins] import secrets module in secrets recipes (#6705)
stevendaprano
webhook-mailer at python.org
Sat May 19 11:02:00 EDT 2018
https://github.com/python/cpython/commit/cf8abcbe0310ab4b3eb8b66ae795878b9df1a8ac
commit: cf8abcbe0310ab4b3eb8b66ae795878b9df1a8ac
branch: master
author: Daniel Chimeno <daniel at chimeno.me>
committer: stevendaprano <steve+python at pearwood.info>
date: 2018-05-20T01:01:49+10:00
summary:
import secrets module in secrets recipes (#6705)
files:
M Doc/library/secrets.rst
diff --git a/Doc/library/secrets.rst b/Doc/library/secrets.rst
index 28ce472c7e7e..bc4766da2785 100644
--- a/Doc/library/secrets.rst
+++ b/Doc/library/secrets.rst
@@ -145,8 +145,9 @@ Generate an eight-character alphanumeric password:
.. testcode::
import string
+ import secrets
alphabet = string.ascii_letters + string.digits
- password = ''.join(choice(alphabet) for i in range(8))
+ password = ''.join(secrets.choice(alphabet) for i in range(8))
.. note::
@@ -164,9 +165,10 @@ three digits:
.. testcode::
import string
+ import secrets
alphabet = string.ascii_letters + string.digits
while True:
- password = ''.join(choice(alphabet) for i in range(10))
+ password = ''.join(secrets.choice(alphabet) for i in range(10))
if (any(c.islower() for c in password)
and any(c.isupper() for c in password)
and sum(c.isdigit() for c in password) >= 3):
@@ -177,11 +179,12 @@ Generate an `XKCD-style passphrase <https://xkcd.com/936/>`_:
.. testcode::
+ import secrets
# On standard Linux systems, use a convenient dictionary file.
# Other platforms may need to provide their own word-list.
with open('/usr/share/dict/words') as f:
words = [word.strip() for word in f]
- password = ' '.join(choice(words) for i in range(4))
+ password = ' '.join(secrets.choice(words) for i in range(4))
Generate a hard-to-guess temporary URL containing a security token
@@ -189,7 +192,8 @@ suitable for password recovery applications:
.. testcode::
- url = 'https://mydomain.com/reset=' + token_urlsafe()
+ import secrets
+ url = 'https://mydomain.com/reset=' + secrets.token_urlsafe()
More information about the Python-checkins
mailing list