This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description
# Django secure redis
Django caching plugin for django-redis that adds a Serializer class and configuration to support transparent,
symmetrical encryption of cached values using the python cryptography library.
This plugin also provides encryption for django-rq jobs by simply using the `@secure_redis.secure_rq.job` decorator to annotate the task method instead of using `@django_rq.job`

# Important
Before using this library, make sure that you really need it. By using it, put in mind:
- You are loosing atomic functionalities like `incr()`
- The values stored to redis are now bigger
- Will take more time to set and retrieve data from redis

# Installation
1. Use `pip install` to get this library
2. In `settings.py` in your project, go to `CACHE` settings and ensure you put the following:
* Add `secure_redis` to `INSTALLED_APPS`
* Provide `REDIS_SECRET_KEY` to be used in the encryption
* Configure the `SERIALIZER` setting to use `secure_redis.serializer.SecureSerializer`

# Settings sample
```
CACHES = {
'default': {
'BACKEND': 'django_redis.cache.RedisCache',
'LOCATION': REDIS_URL,
'OPTIONS': {
# "SOCKET_CONNECT_TIMEOUT": 5, # in seconds
'DB': REDIS_DB,
'PARSER_CLASS': 'redis.connection.HiredisParser',
'REDIS_SECRET_KEY': 'kPEDO_pSrPh3qGJVfGAflLZXKAh4AuHU64tTlP-f_PY=',
'SERIALIZER': 'secure_redis.serializer.SecureSerializer',
},
'KEY_PREFIX': 'app1:secure',
'TIMEOUT': 60 * 60 * 24, # 1 day
},
'insecure': {
'BACKEND': 'django_redis.cache.RedisCache',
'LOCATION': REDIS_URL,
'OPTIONS': {
# "SOCKET_CONNECT_TIMEOUT": 5, # in seconds
'DB': REDIS_DB,
'PARSER_CLASS': 'redis.connection.HiredisParser',
},
'KEY_PREFIX': 'app1',
'TIMEOUT': 60 * 60 * 24, # 1 day
},
}
```
# Data migration
If you already have an existing data in your redis, you might need to consider data migration for un-encrypted values,
you are free to handle this case as you want, we would suggest to use django management command to handle this case:

1. Keep old redis cache settings and add your new secure django redis cache configuration
2. Make sure your new secure django redis cache settings has different `KEY_PREFIX`
3. Make sure old configutation still point at the correct `REDIS_URL` and `REDIS_DB`
4. You can see an example configuration in the previous section of `Settings sample`
5. Make sure either to delete old keys or make sure your redis can holds the new values
6. Code sinppet for sample command is shown below:
```
from __future__ import unicode_literals

from django.core.management.base import BaseCommand
from django.core import cache


class Command(BaseCommand):
def handle(self, *args, **options):
new_cache_name = 'default'
old_cache_name = 'insecure'
old_key_prefix = 'app1'
new_prefix = 'app1:secure'
delete_old_keys = False

old_cache = cache.caches[old_cache_name]
new_cache = cache.caches[new_cache_name]

# Use low level api to access full key name
existing_keys = old_cache.client.get_client().keys('{}*'.format(old_key_prefix))
for key in existing_keys:
if new_prefix not in key:
actual_key = old_cache.client.reverse_key(key)
unencrypted_val = old_cache.get(actual_key)
if new_cache.set(actual_key, unencrypted_val):
if delete_old_keys:
old_cache.delete(actual_key)

```

# Scheduler related usage
This library also provides additional functionality for that encrypts the payload of RQ jobs. To make use of this functionality, first ensure that `DJANGO_REDIS_SECURE_CACHE_NAME` is defined in your settings (if not set, this setting will default to using the `default` cache). Once configured, replace all instances of the `django_rq.job` decorator with `@secure_redis.secure_rq.job`. The `@secure_redis.secure_rq.job` provides the following functionality:

1. A `delay` method, which can be used when calling the task method (ex: `my_task.delay()`). This method has the same functionality as `django_rq.job.delay`
2. An `enqueue_at` method, which can be used when calling the task method (ex: `my_job.enqueue_at()`). This method has the same functionality as `django_rq.Scheduler.enqueue_at`
3. A `schedule_once` method, which can be used when calling the task method (ex: `my_job.schedule_once()`). This method has the same functionality as `django_rq.Scheduler.schedule`, but will check if the method already exists and will not add it to the scheduler a second time.

## Important:
When using the `@secure_redis.secure_rq.job decorator`, the method name displayed in the Django admin will be that of the wrapped proxy method instead of the actual task method name. If you want to see the actual task method name in the Django admin, you must use `secure_redis.urls` instead of `django_rq.urls` when installing RQ into the Django admin in your `urls.py` file.
Release History

Release History

1.1.1

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
django-redis-secure-1.1.1.tar.gz (9.2 kB) Copy SHA256 Checksum SHA256 Source Sep 28, 2016

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting