From 762161ff9338a827b6a873fe23bd190460a0857e Mon Sep 17 00:00:00 2001
From: Face <69168154+face-hh@users.noreply.github.com>
Date: Fri, 22 Aug 2025 18:38:46 +0300
Subject: [PATCH] cant have enough security

---
 dns/src/gurt_server/routes.rs | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/dns/src/gurt_server/routes.rs b/dns/src/gurt_server/routes.rs
index 7be26c5..a851de3 100644
--- a/dns/src/gurt_server/routes.rs
+++ b/dns/src/gurt_server/routes.rs
@@ -2,6 +2,7 @@ use super::{models::*, AppState};
 use crate::auth::Claims;
 use crate::discord_bot::{send_domain_approval_request, DomainRegistration};
 use gurt::prelude::*;
+use rand::{rngs::OsRng, Rng};
 use sha2::{Digest, Sha256};
 use std::time::{SystemTime, UNIX_EPOCH};
 use std::{collections::HashMap, env};
@@ -1098,9 +1099,16 @@ fn generate_challenge_data(domain: &str, token: &str) -> Result {
         .map_err(|_| GurtError::invalid_message("System time error"))?
         .as_nanos();
 
-    let entropy = uuid::Uuid::new_v4().to_string();
+    let mut rng = OsRng;
+    let random_bytes: [u8; 32] = rng.gen();
+    let secure_entropy = base64::encode(random_bytes);
 
-    let data = format!("{}:{}:{}:{}", domain, token, timestamp, entropy);
+    let uuid_entropy = uuid::Uuid::new_v4().to_string();
+
+    let data = format!(
+        "{}:{}:{}:{}:{}",
+        domain, token, timestamp, secure_entropy, uuid_entropy
+    );
     let mut hasher = Sha256::new();
     hasher.update(data.as_bytes());
     let hash = hasher.finalize();
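Review bot: `rng.gen()` on `OsRng` in the new `random_bytes` line turns an OS RNG failure into a panic (rand's `OsRng` unwraps inside `fill_bytes`), while the same function maps the system-time failure two lines above into a `GurtError` and returns it; the fallible form keeps the error path consistent: `let mut random_bytes = [0u8; 32];` then `OsRng.try_fill_bytes(&mut random_bytes).map_err(|_| GurtError::invalid_message("OS RNG unavailable"))?;`, with `RngCore` added to the `rand` import in the first hunk. `base64::encode` is the deprecated free function from base64 0.21 onward, replaced by `base64::engine::general_purpose::STANDARD.encode(random_bytes)` with `use base64::Engine;`, so this is worth checking against the version pinned in the project's Cargo.toml. The 32 bytes from `OsRng` already saturate the SHA-256 output that follows, so `uuid_entropy` and `timestamp` add no unpredictability; a comment such as `// random_bytes is the load-bearing entropy source; uuid and timestamp only add uniqueness` would keep a later cleanup from dropping the wrong line. generate_challenge_data continues outside the hunk, so what is done with `hash` is not visible here.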