use secrets instead of os.urandom

2021-10-12 09:00:50 -04:00 · 2021-10-12 09:00:50 -04:00 · 58a08a1d73
commit 58a08a1d73
parent 8ddf80c3ea
3 changed files with 9 additions and 9 deletions
--- a/docs/quickstart.rst
+++ b/docs/quickstart.rst
@ -847,8 +847,8 @@ sessions work::
    generator. Use the following command to quickly generate a value for
    :attr:`Flask.secret_key` (or :data:`SECRET_KEY`)::

-        $ python -c 'import os; print(os.urandom(16))'
-        b'_5#y2L"F4Q8z\n\xec]/'
+        $ python -c 'import secrets; print(secrets.token_hex())'
+        '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'

 A note on cookie-based sessions: Flask will take the values you put into the
 session object and serialize them into a cookie.  If you are finding some