This repository was archived by the owner on Mar 3, 2026. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +10
-5
lines changed
jooby/src/main/java/org/jooby Expand file tree Collapse file tree 1 file changed +10
-5
lines changed Original file line number Diff line number Diff line change 2020
2121import static java .util .Objects .requireNonNull ;
2222
23+ import java .security .SecureRandom ;
2324import java .util .Map ;
2425import java .util .Optional ;
25- import java .util .UUID ;
2626import java .util .concurrent .ConcurrentHashMap ;
2727import java .util .concurrent .ConcurrentMap ;
2828
29+ import com .google .common .io .BaseEncoding ;
30+
2931/**
3032 * <p>
3133 * Sessions are created on demand via: {@link Request#session()}.
@@ -185,6 +187,9 @@ public Cookie.Definition cookie() {
185187 */
186188 interface Store {
187189
190+ /** Single secure random instance. */
191+ SecureRandom rnd = new SecureRandom ();
192+
188193 /**
189194 * Get a session by ID (if any).
190195 *
@@ -210,14 +215,14 @@ interface Store {
210215 void delete (String id );
211216
212217 /**
213- * Generate a session ID, default algorithm use an {@link UUID} .
218+ * Generate a session ID.
214219 *
215220 * @return A unique session ID.
216221 */
217222 default String generateID () {
218- UUID uuid = UUID . randomUUID () ;
219- return Long . toString ( Math . abs ( uuid . getMostSignificantBits ()), 36 )
220- + Long . toString ( Math . abs ( uuid . getLeastSignificantBits ()), 36 );
223+ byte [] bytes = new byte [ 30 ] ;
224+ rnd . nextBytes ( bytes );
225+ return BaseEncoding . base64Url (). encode ( bytes );
221226 }
222227 }
223228
You can’t perform that action at this time.
0 commit comments