refactor: Patch user verification code#160
Open
eugengi wants to merge 2 commits intoSpaceyaTech:mainfrom
Open
Conversation
- Add dedicated test module for account utils. - Refactor and extract all verification code tests from `test_models`. [Reason] This designs requires a resultant `utils` module which increases SoC. [Goals] - test `secrets` module usage under the hood. - test code uses the expected sequence and length [Note] This test introduces a dependency to the `secrets` module. This a trade-off to ensure secure and cryptographic code generation.
Replace the usage of `random` to generate confidential data. [Reason] - `secrets` is properly seeded to generate cryptographic random data. [Chore] - Format module with tool `black`. Order imports with tool `isort`. - Update docstring for the `User` model. [Docs] See, `secrets` library: https://docs.python.org/3/library/secrets.html See, `PEP506`: https://peps.python.org/pep-0506/
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hello Contributor,👋👋 Thank You For Opening This Pull Request 🎉🎉
Welcome to SpaceYaTech
We are the fastest growing Africa Open-Source Community Looking To Change The Way Young Africans Get Started In Technology.
JOIN US | THRIVE | GROW
It's great having you contribute to this project
Welcome to the community 🤓 🍿 **Fun facts** - we eat bugs 🐛🐛🐛🐛 for breakfast 🥣This Pull request has been queued for `review`
Sit tight the maintainers are on your case.Soon the maintainers/owner will review it and provide you with feedback suggestions.
If you think it's something urgent, feel free to reach out
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This branch introduces patches and enhancements to the current
accountsapp. This PR's primary goal was to address the logic to generate a user verification code using the standard Python librandomwhich is discouraged for potentially sensitive or confidential data. For more details, seePEP506Fixes:
N/AType of change
Decisions
verification_codeis coupled to thesecretslib. This is a minor tradeoff toensure the
randomlib is not used under the hood. A subsequent patch to decouple the util will be added soon.Testing
Test Configuration:
The following asserts newly added tests pass:
The following asserts all project tests pass:
Additional
General:
Compose. I can make another PR to merge these patches to improve the developer experience.Checklist: