From a4e6b49d7fc2b375013981b3c37698805ba4dd9a Mon Sep 17 00:00:00 2001
From: jj
Date: Sat, 26 Oct 2024 18:28:25 +0000
Subject: [PATCH] util/jwt: ensure uniform distribution of characters
---
 api/src/util/generate-jwt-secret.js | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/api/src/util/generate-jwt-secret.js b/api/src/util/generate-jwt-secret.js
index 83f0aa5b..8db6e230 100644
--- a/api/src/util/generate-jwt-secret.js
+++ b/api/src/util/generate-jwt-secret.js
@@ -4,8 +4,17 @@ const makeSecureString = (length = 64) => {
 const alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-';
 const out = [];
- for (const byte of crypto.getRandomValues(new Uint8Array(length)))
- out.push(alphabet[byte % alphabet.length]);
+ while (out.length < length) {
+ for (const byte of crypto.getRandomValues(new Uint8Array(length))) {
+ if (byte < alphabet.length) {
+ out.push(alphabet[byte]);
+ }
+
+ if (out.length === length) {
+ break;
+ }
+ }
+ }
 return out.join('');
 }
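Review bot: The acceptance test `if (byte < alphabet.length)` in the new inner loop keeps only 64 of the 256 possible byte values, so roughly three quarters of the CSPRNG output is discarded and the outer `while` will usually need several `getRandomValues` calls per secret. For the 64-character alphabet shown, the removed `byte % alphabet.length` was already unbiased because 256 is an exact multiple of 64; modulo bias only appears for alphabet sizes that do not divide 256. Rejection sampling that stays uniform for any alphabet of up to 256 characters while discarding as little as possible would compute `const limit = 256 - (256 % alphabet.length);` before the loop and then use `if (byte < limit) out.push(alphabet[byte % alphabet.length]);`. A one-line comment above the loop explaining why bytes are rejected would also keep a later edit from reverting to a bare modulo after the alphabet is changed.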