Skip to content

Commit

Permalink
fix: 보안 이슈로 Random() -> SecureRandom() 사용하도록 수정
Browse files Browse the repository at this point in the history
  • Loading branch information
@jaeuk520
jaeuk520 committed Oct 1, 2024
1 parent 647e6a2 commit c60996d
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion src/main/java/com/ku/covigator/service/AuthService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.multipart.MultipartFile;

import java.security.SecureRandom;
import java.util.Optional;


Expand Down Expand Up @@ -124,9 +125,10 @@ private void validatePassword(String password, String encodedPassword) {

// 신규 닉네임 생성
private String createRandomNickname() {
SecureRandom secureRandom = new SecureRandom();
String nickname;
do {
nickname = BASE_NICKNAME + (int) (Math.random() * MAX_UID + 1);
nickname = BASE_NICKNAME + (secureRandom.nextInt(MAX_UID) + 1);
} while (isNicknameDuplicated(nickname));
return nickname;
}
Expand Down

0 comments on commit c60996d

Please sign in to comment.