From 15205e8ec4bf729e55f7e9397873a87410d0098d Mon Sep 17 00:00:00 2001
From: Sebastian Pravda <sebastian.pravda@gmail.com>
Date: Mon, 24 Oct 2022 21:37:47 +0200
Subject: [PATCH] feat: foolproof random string function

---
 core/src/crypto.rs | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/core/src/crypto.rs b/core/src/crypto.rs
index fb6c4c6..6ea97b9 100644
--- a/core/src/crypto.rs
+++ b/core/src/crypto.rs
@@ -3,12 +3,29 @@ use argon2::{
 };
 use rand::Rng;
 
+
+/// Foolproof random 8 char string
+/// only uppercase letters (except for 0 and O) and numbers
+/// TODO tests
 pub fn random_8_char_string() -> String {
-    rand::thread_rng()
+    let iterator = rand::thread_rng()
         .sample_iter(&rand::distributions::Alphanumeric)
-        .take(8)
-        .map(char::from)
-        .collect::<String>()
+        .map(char::from);
+    
+
+    let mut s = String::new();
+    for c in iterator { // remove all uppercase and lowercase characters, exclude 0 and O
+        if ('1'..='9').contains(&c) ||
+            ('A'..='N').contains(&c) ||
+            ('P'..'Z').contains(&c)
+        {
+            s.push(c);
+            if s.len() == 8 {
+                break;
+            }
+        }
+    }
+    s
 }
 
 pub fn hash_password(password_plaint_text: &str) -> Result<String, argon2::password_hash::Error> {