While familiarizing myself with the code, I found that the the token generation function was using math/rand (docs for math/rand) which states For random numbers suitable for security-sensitive work, see the crypto/rand package.
Accordingly, I have switched the token generation to use crypto/rand.
While familiarizing myself with the code, I found that the the token generation function was using
math/rand(docs for math/rand) which statesFor random numbers suitable for security-sensitive work, see the crypto/rand package.Accordingly, I have switched the token generation to use
crypto/rand.