prosody
87dd8639f08f
spec/util_random_spec.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

spec/util_random_spec.lua @ 13843:87dd8639f08f 13.0

mod_invites_register: Stricter validation of registration events This fixes two problems: 1) Account invites that were created with a specific username were not in fact restricted to that username. 2) Password reset invites were not restricted to resetting passwords, but could be used to create an arbitrary new account if the client or registration frontend (e.g. mod_invites_register_web) doesn't handle/enforce the username. This new validation ensures that registrations and resets are always for the username specified in the invitation.
author Matthew Wild <mwild1@gmail.com>
date Thu, 10 Apr 2025 16:07:32 +0100
parent 8450:3a9a3d90c44c
line wrap: on
line source


local random = require "util.random";

describe("util.random", function()
	describe("#bytes()", function()
		it("should return a string", function()
			assert.is_string(random.bytes(16));
		end);

		it("should return the requested number of bytes", function()
			-- Makes no attempt at testing how random the bytes are,
			-- just that it returns the number of bytes requested

			for i = 1, 20 do
				assert.are.equal(2^i, #random.bytes(2^i));
			end
		end);
	end);
end);