0

I'm trying to generate auth token in my django project.When i inspect source code of django-rest framework, they seem to generate auth_token using:-

binascii.hexlify(os.urandom(20)).decode()

but auth_token should be unique so that i can find corresponding user from auth_token.What is the best possible way of generating auth token, uuid or same as that of drf framework?

Gagan Singh
  • 200
  • 1
  • 13
  • you can go with the DRF way, I don't see any problem with that, do you? – JPG Nov 26 '19 at 03:28
  • @JPG i think that it my generate two auth_token which are same. Point out, if i'm wrong – Gagan Singh Nov 26 '19 at 03:42
  • In short, they won't. see this post [Whats the difference between os.urandom() and random?](https://stackoverflow.com/questions/47514695/whats-the-difference-between-os-urandom-and-random) – JPG Nov 26 '19 at 04:03
  • see this also [Which one is more secure to use? uuid, binascii.hexlify(os.urandom()) or random.SystemRandom()?](https://stackoverflow.com/questions/42579156/which-one-is-more-secure-to-use-uuid-binascii-hexlifyos-urandom-or-random) – JPG Nov 26 '19 at 04:17

0 Answers0