Use base32 for 2FA scratch token (#18384)

* Use base32 for 2FA scratch token * rename Secure* to Crypto*, add comments
2022-01-26 12:10:10 +08:00 · 2022-01-26 12:10:10 +08:00 · 49dd906753
commit 49dd906753
parent 4889ab52de
11 changed files with 41 additions and 37 deletions
--- a/models/user/user.go
+++ b/models/user/user.go
@ -533,7 +533,7 @@ const SaltByteLength = 16

 // GetUserSalt returns a random user salt token.
 func GetUserSalt() (string, error) {
-	rBytes, err := util.RandomBytes(SaltByteLength)
+	rBytes, err := util.CryptoRandomBytes(SaltByteLength)
 	if err != nil {
 		return "", err
 	}