1
\$\begingroup\$

I wrote this python function to generate random values to use as id for the cookies I have on my project.

These are some examples of what the return is:

'kck9874118vq{5470553602125615945684311372005'
'72195739g112py3472118v104h122z5038a100d118v912296336399110nu110n60041909'

That is the method:

def generateCookieID(userName):
 cookieId = ''
 for a in range(0,9):
 aux = randint(0,9999)
 if aux % 2==0:
 for i in range(1,4):
 letter = randint(97,123)
 if letter%2==1:
 cookieId += chr(letter)
 else:
 cookieId += str(letter)+chr(letter)
 cookieId += str(aux) 
 cookieJar['name'] = userName
 cookieJar['id'] = cookieId
 return cookieId

It works, but is it appropriate to use this way? What could I do better?

200_success
146k22 gold badges190 silver badges479 bronze badges
asked Oct 26, 2017 at 12:24
\$\endgroup\$
2
  • \$\begingroup\$ What is the purpose of this code? Why is cookieId only randomized when random aux is even? \$\endgroup\$ Commented Oct 26, 2017 at 13:21
  • \$\begingroup\$ It is just really, random. I wanted to mix letters and numbers and just decided to do this way. cookieId is always receiving random values, the difference is that when the program reaches the second for loop it will insert letters as well. \$\endgroup\$ Commented Oct 26, 2017 at 13:38

2 Answers 2

1
\$\begingroup\$

If you are on python 3.6, you can just use the secrets module: which you should be using, in case the random value should be secret.

From the documentation:

>>> token_urlsafe(16) 
'Drmhze6EPcv0fN_81Bj-nA'

if you're below python 3.6, see here, how it's implemented. You might just copy that.

answered Oct 26, 2017 at 13:43
\$\endgroup\$
3
  • \$\begingroup\$ That is very useful for me, thank you. I am just starting with python \$\endgroup\$ Commented Oct 26, 2017 at 13:47
  • \$\begingroup\$ This is not a review of the original code, but an alternative solution to a coding problem. \$\endgroup\$ Commented Oct 26, 2017 at 13:51
  • \$\begingroup\$ @RichardNeumann I kind of agree, but I also fully agree with this answer. Maybe a sentence discussing why it is bad to roll your own secure tokens would help. \$\endgroup\$ Commented Oct 26, 2017 at 21:50
1
\$\begingroup\$

Assuming the algorithm you provided makes sense, which I doubt, you might still improve your code by implementing PEP 8, using the string module and making use of the boolness of integers:

def generate_cookie_id(user_name):
 cookie_id = ''
 for a in range(0, 9):
 aux = randint(0, 9999)
 if not aux % 2:
 for i in range(1, 4):
 letter = randint(97, 123)
 if letter % 2:
 cookie_id += chr(letter)
 else:
 cookie_id += str(letter) + chr(letter)
 cookie_id += str(aux) 
 cookie_jar['name'] = user_name
 cookie_jar['id'] = cookie_id
 return cookie_id

Under the assumption that cookie_jar is defined within a higher scope.

However, you should not write hash functions on your own.
If you just need a safe, random string, you can use a uuid.uuid4().

answered Oct 26, 2017 at 14:00
\$\endgroup\$
2
  • \$\begingroup\$ I thought of doing something that does not really follow any logic. I just wanted to try mixing up random numbers and letters. The uuid and secrets are good solutions for what I wanted to do though. To understand better, why should I not hash on my own? I am trying to learn python \$\endgroup\$ Commented Oct 26, 2017 at 14:16
  • 2
    \$\begingroup\$ I would also eliminate the magic numbers 97 and 123 and make them ord('a') and ord('{') instead. \$\endgroup\$ Commented Oct 26, 2017 at 21:53

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.