import secrets module in secrets recipes (#6705)

2018-05-19 17:01:49 +02:00 · 2018-05-19 17:01:49 +02:00 · cf8abcbe03
parent f65e31fee3
commit cf8abcbe03
1 changed files with 8 additions and 4 deletions
--- a/Doc/library/secrets.rst
+++ b/Doc/library/secrets.rst
@ -145,8 +145,9 @@ Generate an eight-character alphanumeric password:
 .. testcode::

   import string
+   import secrets
   alphabet = string.ascii_letters + string.digits
-   password = ''.join(choice(alphabet) for i in range(8))
+   password = ''.join(secrets.choice(alphabet) for i in range(8))


 .. note::
@ -164,9 +165,10 @@ three digits:
 .. testcode::

   import string
+   import secrets
   alphabet = string.ascii_letters + string.digits
   while True:
-       password = ''.join(choice(alphabet) for i in range(10))
+       password = ''.join(secrets.choice(alphabet) for i in range(10))
       if (any(c.islower() for c in password)
               and any(c.isupper() for c in password)
               and sum(c.isdigit() for c in password) >= 3):
@ -177,11 +179,12 @@ Generate an `XKCD-style passphrase <https://xkcd.com/936/>`_:

 .. testcode::

+   import secrets
   # On standard Linux systems, use a convenient dictionary file.
   # Other platforms may need to provide their own word-list.
   with open('/usr/share/dict/words') as f:
       words = [word.strip() for word in f]
-       password = ' '.join(choice(words) for i in range(4))
+       password = ' '.join(secrets.choice(words) for i in range(4))


 Generate a hard-to-guess temporary URL containing a security token
@ -189,7 +192,8 @@ suitable for password recovery applications:

 .. testcode::

-   url = 'https://mydomain.com/reset=' + token_urlsafe()
+   import secrets
+   url = 'https://mydomain.com/reset=' + secrets.token_urlsafe()