From 5229a0173a2f194d778cc72cde43627791e84435 Mon Sep 17 00:00:00 2001
From: jxxghp <jxxghp@gmail.com>
Date: Sat, 14 Sep 2024 12:20:22 +0800
Subject: [PATCH] fix

---
 app/core/config.py                      | 2 +-
 database/versions/294b007932ef_2_0_0.py | 7 ++-----
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/app/core/config.py b/app/core/config.py
index a7ae3e7d..6ef7ee39 100644
--- a/app/core/config.py
+++ b/app/core/config.py
@@ -206,7 +206,7 @@ class Settings(BaseSettings):
     def validate_api_token(cls, v):
         if not v:
             new_token = secrets.token_urlsafe(16)
-            logger.info(f"API_TOKEN 未设置，已随机生成新的 API_TOKEN：{new_token}")
+            logger.info(f"【API_TOKEN】未设置，已随机生成新的 API_TOKEN：{new_token}")
             set_key(str(SystemUtils.get_env_path()), "API_TOKEN", new_token)
             return new_token
         elif len(v) < 16:
diff --git a/database/versions/294b007932ef_2_0_0.py b/database/versions/294b007932ef_2_0_0.py
index c8b04683..1c24f673 100644
--- a/database/versions/294b007932ef_2_0_0.py
+++ b/database/versions/294b007932ef_2_0_0.py
@@ -6,8 +6,7 @@ Create Date: 2024-07-20 08:43:40.741251
 
 """
 
-import random
-import string
+import secrets
 
 from app.core.config import settings
 from app.core.security import get_password_hash
@@ -32,10 +31,8 @@ def upgrade() -> None:
         # 初始化超级管理员
         _user = User.get_by_name(db=db, name=settings.SUPERUSER)
         if not _user:
-            # 定义包含数字、大小写字母的字符集合
-            characters = string.ascii_letters + string.digits
             # 生成随机密码
-            random_password = ''.join(random.choice(characters) for _ in range(16))
+            random_password = secrets.token_urlsafe(16)
             logger.info(
                 f"【超级管理员初始密码】{random_password} 请登录系统后在设定中修改。 注：该密码只会显示一次，请注意保存。")
             _user = User(