diff --git a/src/auth/csrf.rs b/src/auth/csrf.rs
index c7beb59..ce0edbe 100644
--- a/src/auth/csrf.rs
+++ b/src/auth/csrf.rs
@@ -1,7 +1,7 @@
-use maud::{PreEscaped, html};
+use maud::PreEscaped;
 
 use super::User;
-use crate::get_pg;
+use crate::{get_pg, ui::prelude::script};
 use std::str::FromStr;
 
 pub trait CSRF {
@@ -15,7 +15,10 @@ impl CSRF for User {
     ///
     /// This is useful for htmx requests to update the CSRF token in place.
     async fn update_csrf(&self) -> PreEscaped<String> {
-        html! { script { (PreEscaped(format!("document.querySelectorAll('.csrf').forEach(element => {{ element.value = '{}'; }});", self.get_csrf().await))) }; }
+        script(&format!(
+            "document.querySelectorAll('.csrf').forEach(element => {{ element.value = '{}'; }});",
+            self.get_csrf().await
+        ))
     }
 
     /// Get CSRF Token for the current session
diff --git a/src/lib.rs b/src/lib.rs
index a5eb06c..433f59f 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,5 +1,6 @@
 #![feature(const_vec_string_slice)]
 
+use rand::RngCore;
 use tokio::sync::OnceCell;
 
 pub mod asset;
@@ -13,6 +14,11 @@ pub mod ui;
 
 // Postgres
 
+// TODO : Background Jobs
+// TODO : Refactor caching
+// TODO : mail
+// TODO : scheduled jobs
+
 // TODO : IDEA
 // more efficient table join using WHERE ANY instead of multiple SELECTs
 // map_tables(Vec<T>, Fn(&T) -> U) -> Vec<U>
@@ -46,3 +52,9 @@ macro_rules! get_pg {
         }
     };
 }
+
+pub fn gen_random(len: usize) -> String {
+    let mut data = vec![0u8; len];
+    rand::thread_rng().fill_bytes(&mut data);
+    data_encoding::HEXLOWER.encode(&data)
+}