From 6853ec0b691b14dbf977ab117b80a10e796105f1 Mon Sep 17 00:00:00 2001
From: imperosol <thgirod@hotmail.com>
Date: Tue, 19 Nov 2024 13:21:08 +0100
Subject: [PATCH] make random password generation safe

---
 subscription/views.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/subscription/views.py b/subscription/views.py
index 4abc8e83..9a39e7b0 100644
--- a/subscription/views.py
+++ b/subscription/views.py
@@ -13,7 +13,7 @@
 #
 #
 
-import random
+import secrets
 
 from django import forms
 from django.conf import settings
@@ -85,7 +85,7 @@ class SubscriptionForm(forms.ModelForm):
                     date_of_birth=self.cleaned_data.get("date_of_birth"),
                 )
                 u.generate_username()
-                u.set_password(str(random.randrange(1000000, 10000000)))
+                u.set_password(secrets.token_urlsafe(nbytes=10))
                 u.save()
                 cleaned_data["member"] = u
         elif cleaned_data.get("member") is not None: