From 24affb2277d7a3906bd9006fd598ffa84c590054 Mon Sep 17 00:00:00 2001
From: Nicholas Ellul
Date: Tue, 9 Feb 2021 11:29:53 -0500
Subject: [PATCH] Use random bytes when generating nonce

---
 src/utils/nonce.ts | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/utils/nonce.ts b/src/utils/nonce.ts
index 3e284867b..59a490b08 100644
--- a/src/utils/nonce.ts
+++ b/src/utils/nonce.ts
@@ -1,11 +1,14 @@
+import crypto from 'crypto';
+
 export default function nonce(): string {
 const length = 15;
- let nonce = '';
+ const bytes = crypto.randomBytes(length);
 
- for (let i = 0; i <= 3; i++) {
- nonce += Math.round(Number(new Date()) * Math.random());
- }
+ const nonce = bytes
+ .map((byte) => {
+ return byte % 10;
+ })
+ .join("");
 
- const str = nonce.substr(nonce.length - length);
- return str;
-}
+ return nonce;
+}
\ No newline at end of file
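Review bot: `return byte % 10;` in the `.map()` callback does not give uniform digits: 256 is not a multiple of 10, so 0–5 each occur 26 times in 256 and 6–9 only 25 times. Each CSPRNG byte is also reduced to about 3.3 bits, so the 15-digit nonce carries just under 50 bits of entropy. If callers depend on a decimal string, drawing each digit with `crypto.randomInt(10)` (where the supported Node versions provide it) or discarding bytes `>= 250` before the modulo removes the bias. If the format is not constrained, `crypto.randomBytes(length).toString('hex')` keeps the full entropy. A one-line comment above `const length = 15;` stating the intended nonce strength, e.g. `// 15 decimal digits ≈ 50 bits of entropy`, would make that trade-off visible to the next reader.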