From 79887d1ce0aa21937d9ca81bb90e0da1f393ffaf Mon Sep 17 00:00:00 2001
From: Panagiotis Papadopoulos <pano_90@gmx.net>
Date: Tue, 31 Dec 2024 11:22:18 +0100
Subject: [PATCH] refactor(session_secret): use existing randomSecureToken
 function

this also improves secret security,
as it uses a larger charset size
than the UPPERCASED HEX secret before
---
 src/services/session_secret.ts | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/services/session_secret.ts b/src/services/session_secret.ts
index 2e67f1ed4..36e5d53af 100644
--- a/src/services/session_secret.ts
+++ b/src/services/session_secret.ts
@@ -1,9 +1,9 @@
 "use strict";
 
 import fs from "fs";
-import crypto from "crypto";
 import dataDir from "./data_dir.js";
 import log from "./log.js";
+import utils from "./utils.js"
 
 const sessionSecretPath = `${dataDir.TRILIUM_DATA_DIR}/session_secret.txt`;
 
@@ -11,14 +11,8 @@ let sessionSecret: string;
 
 const ENCODING = "ascii";
 
-function randomValueHex(len: number) {
-    return crypto.randomBytes(Math.ceil(len / 2))
-        .toString('hex') // convert to hexadecimal format
-        .slice(0, len).toUpperCase();   // return required number of characters
-}
-
 if (!fs.existsSync(sessionSecretPath)) {
-    sessionSecret = randomValueHex(64);
+    sessionSecret = utils.randomSecureToken(64).slice(0, 64);
 
     log.info("Generated session secret");