From 0cb7008ed4b0bed2c9525ac39d503616df02aa0d Mon Sep 17 00:00:00 2001
From: Timo Nogueira Brockmeyer <39943803+tibroc@users.noreply.github.com>
Date: Wed, 5 Jun 2024 11:49:10 +0200
Subject: [PATCH] use 'secrets' module instead of 'random' to generate pin (#19)

closes #18
---
 pairing-server/app.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pairing-server/app.py b/pairing-server/app.py
index b711ee8..717aeff 100644
--- a/pairing-server/app.py
+++ b/pairing-server/app.py
@@ -1,7 +1,7 @@
 import asyncio
 from quart import Quart, websocket
 import json
-import random
+import secrets
 import traceback
 from atomicx import AtomicInt
@@ -22,7 +22,7 @@ def validate_client_config(config) -> bool:
 def generate_pin():
     while True:
-        pin = random.randrange(1e5, 1e6 - 1) # nosec: B311
+        pin = secrets.randbelow(int(1e6 - 1e5)) + int(1e5)
         pin_free = pin not in pin_to_room
         if pin_free:
             return pin
@@ -124,7 +124,7 @@ async def handle_ws() -> None:
     # pin provided by bbb plugin
     pin = None
     # verification pin after conn established
-    pairing_pin = random.randrange(1e3, 1e4 - 1) # nosec: B311
+    pairing_pin = secrets.randbelow(int(1e6 - 1e5)) + int(1e5)
     forward_task = None
     try:
         data = await websocket.receive_json()
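Review bot: In `generate_pin`, the new line derives its integer bounds from float literals (`int(1e6 - 1e5)`, `int(1e5)`), which obscures that the result is a six-digit PIN in 100000–999999; integer literals state this directly: `pin = 100_000 + secrets.randbelow(900_000)`. Switching to `secrets` makes the PIN unpredictable, but the space is still only 900,000 values, so resistance to online guessing depends on attempt limiting and PIN expiry, neither of which is visible in this hunk and both worth confirming on the path that consumes the PIN. The `pin not in pin_to_room` check and the insertion into `pin_to_room` are in different places (the insertion is outside the hunk), so if an `await` sits between them two rooms could presumably be handed the same PIN.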
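Review bot: The `pairing_pin` line in `handle_ws` changes more than the random source: the removed call drew a four-digit value (`random.randrange(1e3, 1e4 - 1)`), while the added expression is the six-digit one used in `generate_pin`, and the commit message mentions only the move to `secrets`. If the longer verification PIN is intended, the commit message should say so and whatever displays or accepts the PIN should be checked for six digits; if it is a copy-paste slip, the line should read `pairing_pin = 1000 + secrets.randbelow(9000)`. Either way a comment such as `# 6-digit verification PIN from the OS CSPRNG` would record the choice, and a small shared helper would keep the two PIN sites from drifting apart. `handle_ws` begins and continues outside the hunk.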