From ca5c89f130a9ee166eac27443fd2cbccb601a818 Mon Sep 17 00:00:00 2001
From: Alexey Kostin <a.kostin@corp.mail.ru>
Date: Wed, 6 Mar 2024 18:43:44 +0300
Subject: [PATCH] Generate secure token using crypto rand

---
 server/token.go | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/server/token.go b/server/token.go
index f3aa012..4394bea 100644
--- a/server/token.go
+++ b/server/token.go
@@ -25,7 +25,9 @@ THE SOFTWARE.
 package server
 
 import (
-	"math/rand"
+	"crypto/rand"
+	"log"
+	"math/big"
 )
 
 const (
@@ -37,8 +39,11 @@ const (
 func token(length int) string {
 	result := ""
 	for i := 0; i < length; i++ {
-		x := rand.Intn(len(SYMBOLS) - 1)
-		result = string(SYMBOLS[x]) + result
+		x, err := rand.Int(rand.Reader, big.NewInt(int64(len(SYMBOLS))))
+		if err != nil {
+			log.Fatal("Failed to generate token")
+		}
+		result = string(SYMBOLS[x.Int64()]) + result
 	}
 
 	return result