refactor: switch to use SecureRandom for random strings

app/lib/smtp_server/client.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "nifty/utils/random_string"
-
 module SMTPServer
   class Client
 

app/models/concerns/has_authentication.rb

@@ -30,7 +30,7 @@ module HasAuthentication
   end
 
   def begin_password_reset(return_to = nil)
-    self.password_reset_token = Nifty::Utils::RandomString.generate(length: 24)
+    self.password_reset_token = SecureRandom.alphanumeric(24)
     self.password_reset_token_valid_until = 1.day.from_now
     save!
     AppMailer.password_reset(self, return_to).deliver

app/models/domain.rb

@@ -164,7 +164,7 @@ class Domain < ApplicationRecord
     return unless verification_method_changed?
 
     if verification_method == "DNS"
-      self.verification_token = Nifty::Utils::RandomString.generate(length: 32)
+      self.verification_token = SecureRandom.alphanumeric(32)
     elsif verification_method == "Email"
       self.verification_token = rand(999_999).to_s.ljust(6, "0")
     else

app/senders/http_sender.rb

@@ -6,7 +6,7 @@ class HTTPSender < BaseSender
     super()
     @endpoint = endpoint
     @options = options
-    @log_id = Nifty::Utils::RandomString.generate(length: 8).upcase
+    @log_id = SecureRandom.alphanumeric(8).upcase
   end
 
   def send_message(message)

lib/postal/message_db/database.rb

@@ -327,7 +327,7 @@ module Postal
         time = Time.now.to_f - start_time
         logger.debug "  \e[4;34mMessageDB Query (#{time.round(2)}s) \e[0m  \e[33m#{query}\e[0m"
         if time > 0.05 && query =~ /\A(SELECT|UPDATE|DELETE) /
-          id = Nifty::Utils::RandomString.generate(length: 6).upcase
+          id = SecureRandom.alphanumeric(8)
           explain_result = ResultForExplainPrinter.new(connection.query("EXPLAIN #{query}"))
           logger.info "  [#{id}] EXPLAIN #{query}"
           ActiveRecord::ConnectionAdapters::MySQL::ExplainPrettyPrinter.new.pp(explain_result, time).split("\n").each do |line|

lib/postal/message_db/message.rb

@@ -488,7 +488,7 @@ module Postal
       #
       def create_link(url)
         hash = Digest::SHA1.hexdigest(url.to_s)
-        token = Nifty::Utils::RandomString.generate(length: 8)
+        token = SecureRandom.alphanumeric(16)
         database.insert(:links, { message_id: id, hash: hash, url: url, timestamp: Time.now.to_f, token: token })
         token
       end
@@ -585,7 +585,7 @@ module Postal
       def _create(queue: true)
         self.timestamp = Time.now.to_f if timestamp.blank?
         self.status = "Pending" if status.blank?
-        self.token = Nifty::Utils::RandomString.generate(length: 12) if token.blank?
+        self.token = SecureRandom.alphanumeric(16) if token.blank?
         last_id = @database.insert("messages", @attributes.except(:id))
         @attributes["id"] = last_id
         @database.statistics.increment_all(timestamp, scope)