From b3df5e763c67c836554ccfb71b796ba1a0f51bfc Mon Sep 17 00:00:00 2001
From: Andrew Godwin
Date: Sat, 3 Dec 2022 14:06:55 -0700
Subject: Switch to secrets module for upload names

---
 core/uploads.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/core/uploads.py b/core/uploads.py
index ef235f0..0160e2e 100644
--- a/core/uploads.py
+++ b/core/uploads.py
@@ -1,6 +1,5 @@
-import base64
 import os
-import uuid
+import secrets
 
 from django.utils import timezone
 
@@ -11,5 +10,5 @@ def upload_namer(prefix, instance, filename):
     """
     now = timezone.now()
     _, old_extension = os.path.splitext(filename)
-    new_filename = base64.b32encode(uuid.uuid4().bytes).decode("ascii")
+    new_filename = secrets.token_urlsafe(20)
     return f"{prefix}/{now.year}/{now.month}/{now.day}/{new_filename}{old_extension}"
-- 
cgit v1.2.3