Skip to main content

A simple django application provides function to encrypt password value with rsa public key before form submit and decrypt at the backend.

Project description

django-secure-password-input

A simple django application provides function to encrypt password value with rsa public key before form submit and decrypt at the backend.

Install

pip install django-secure-password-input

Usage

pro/settings.py

INSTALLED_APPS = [
    ...
    'django_static_jquery3',
    'django_secure_password_input',
    ...
]

DJANGO_SECURE_PASSWORD_INPUT_RSA_PRIVATE_KEY = """-----BEGIN RSA PRIVATE KEY-----
......
-----END RSA PRIVATE KEY-----
"""

DJANGO_SECURE_PASSWORD_INPUT_ENCRYPTED_VALUE_PREFIX = "rsa-encrypted:"

Note:

  1. Add django_static_jquery3 and django_secure_password_input in INSTALLED_APPS.

  2. Add your own DJANGO_SECURE_PASSWORD_INPUT_RSA_PRIVATE_KEY and keep it secret. You can generate rsa private key with rsa module in ipython. Copy all things between "BEGIN RSA PRIVATE KEY" and "END RSA PRIVATE KEY" and must include "BEGIN RSA PRIVATE KEY" and "END RSA PRIVATE KEY" lines. It will work if you not provide your own private key, it will use the django_secure_password_input's default private key, and it's not safe for you.

    In [3]: import rsa
    
    In [4]: pk, sk = rsa.newkeys(1024)
    
    In [5]: print(sk.save_pkcs1().decode())
    -----BEGIN RSA PRIVATE KEY-----
    MIICXwIBAAKBgQCluABEZpoy8lIL8oZNBB7xsc8sh5LOBrT1aLW0F1BpguimwUn4
    K7XDgCP95WWzbp/cHDxl16bKlc15u7TZANOt7iCfdS7BsqXykIh7tts4bl2j95bD
    bwTcpf5kTr0QuqCtPk//nlHWxexeXerSuFzgiYC8vlwrVX+AvuMBVcDqIQIDAQAB
    AoGABcH32GiMMPr0WM/rVJ+xB4q6/PwU4K2g+enSblhlBdVzid+rV0EFhq5cEcU3
    nF1aloYwnwU4GU/NHM6luOL0gbchyksyLKorkNkpElohi1Ek05CCvno7inZ2F4H4
    iffnGp85TczkUa7NHcHPZwCSz/AWbyPYFtLJebjTorFDxRUCRQDm3kRetWgUYdyJ
    bn8nwJhR2rg3Cqu/PbSlx7Q7NirYCwr8Zb8HnDEsRuC8ew7p1MEUYLiAAT6gP9yZ
    b+08eY9AWIQsxwI9ALfCLWo/UbCVbmsFlZjay2Mva4A44ME5vBn4Zky7hR9FxZvC
    zzdV2d5v+3iygQVfzr8hJQ9Xr96LfAE51wJFAKZ/ZY9oBMeuS/5RUiK5IyDlPDV1
    3KbvOXjVrYWGax+j1yhvuHUkj9H+y9Uian74kMbBek3Wl/O6Gr4NmmoiwM0HCUvB
    AjtkfcxYTkheSVoZLPSiowSXOVeQx4oiIXC8wxsu213xvDZU+DRaDpkXDCZ52ySz
    y7FE1NtviISlL6KhCQJEYI1y9vkvSl+aSj+ayyg6cELqfa/m7XDqsxMId5RTdfcS
    MIUYyH+SOGlp2QEpJqEWABa8aTw0PD68vftmdichTVQue9w=
    -----END RSA PRIVATE KEY-----
    

app/admin.py

from django.contrib import admin
from django import forms
from django_secure_password_input.fields import DjangoSecurePasswordInput
from .models import Account


class AccountForm(forms.ModelForm):
    password = DjangoSecurePasswordInput()

    class Meta:
        model = Account
        exclude = []

class AccountAdmin(admin.ModelAdmin):
    form = AccountForm
    list_display = ["username", "password"]

admin.site.register(Account, AccountAdmin)

Note:

  1. Create a form, and override password field using type DjangoSecurePasswordInput.

Release

v0.1.0 2020/03/07

  • First release.

Project details


Release history Release notifications

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for django-secure-password-input, version 0.1.0
Filename, size File type Python version Upload date Hashes
Filename, size django-secure-password-input-0.1.0.tar.gz (62.2 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page