From 8cffd88ae197bde754302101f095d4f01633d273 Mon Sep 17 00:00:00 2001
From: Mo8it
Date: Sun, 3 Jul 2022 17:46:23 +0200
Subject: [PATCH] Harden password generation
---
 advlabdb/model_independent_funs.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/advlabdb/model_independent_funs.py b/advlabdb/model_independent_funs.py
index 68eb766..e5dcaee 100644
--- a/advlabdb/model_independent_funs.py
+++ b/advlabdb/model_independent_funs.py
@@ -1,19 +1,21 @@
 # Functions not dependent on advlabdb.models
-from random import choice
+import secrets
 from string import ascii_letters, digits
 from sqlalchemy import func, select
 from . import app, db
+PASSWORD_CHARS: str = ascii_letters + digits + "!%*+=?"
-def randomPassword():
+
+def randomPassword() -> str:
 password_length = app.config["SECURITY_PASSWORD_LENGTH_MIN"]
- return "".join(choice(ascii_letters + digits) for i in range(password_length))
+ return "".join(secrets.choice(PASSWORD_CHARS) for i in range(password_length))
-def reportBadAttempt(message):
+def reportBadAttempt(message: str) -> None:
 print("BAD ATTEMPT:", message) # TODO: Log
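Review bot: `randomPassword()` still takes its length from `SECURITY_PASSWORD_LENGTH_MIN`, so a generated credential is only as long as the shortest password the policy accepts from a human; with the 68-symbol `PASSWORD_CHARS` each character adds about 6.1 bits, and the configured minimum is not visible in this hunk. Consider a separate floor for generated passwords, e.g. `password_length = max(app.config["SECURITY_PASSWORD_LENGTH_MIN"], GENERATED_PASSWORD_LENGTH_MIN)`, where `GENERATED_PASSWORD_LENGTH_MIN` is a placeholder for a new module constant the project would choose. Because characters are drawn independently, a result may contain no digit or symbol; if a complexity validator runs on these passwords elsewhere (not shown here), that needs a retry or a guaranteed pick per class. Minor: the unused loop variable would read better as `for _ in range(password_length)`.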