No project description provided
Project description
Django Secured Fields
Django encrypted fields with search enabled.
Features
- Automatically encrypt/decrypt field value using cryptography's Fernet
- Built-in search lookup on the encrypted fields from hashlib's SHA-256 hash value.
in
andisnull
lookup also supported. - Supports most of available Django fields including
BinaryField
,JSONField
, andFileField
.
Installation
pip install django-secured-fields
Setup
-
Add
secured_fields
intoINSTALLED_APPS
# settings.py INSTALLED_APPS = [ ... 'secured_fields', ]
-
Generate a new key using for encryption
$ python manage.py generate_key KEY: TtY8MAeXuhdKDd1HfGUwim-vQ8H7fXyRQ9J8pTi_-lg= HASH_SALT: 500d492e
-
Put generated key and hash salt in settings
# settings.py SECURED_FIELDS_KEY = 'TtY8MAeXuhdKDd1HfGUwim-vQ8H7fXyRQ9J8pTi_-lg=' SECURED_FIELDS_HASH_SALT = '500d492e' # optional
Usage
Simple Usage
# models.py
import secured_fields
phone_number = secured_fields.EncryptedCharField(max_length=10)
Enable Searching
# models.py
import secured_fields
id_card_number = secured_fields.EncryptedCharField(max_length=18, searchable=True)
Supported Fields
EncryptedBinaryField
EncryptedBooleanField
EncryptedCharField
EncryptedDateField
EncryptedDateTimeField
EncryptedDecimalField
EncryptedFileField
EncryptedImageField
EncryptedIntegerField
EncryptedJSONField
EncryptedTextField
Settings
Key | Required | Default | Description |
---|---|---|---|
SECURED_FIELDS_KEY |
Yes | Key for using in encryption/decryption with Fernet. Usually generated from python manage.py generate_key . |
|
SECURED_FIELDS_HASH_SALT |
No | '' |
Salt to append after the field value before hashing. Usually generated from python manage.py generate_key . |
SECURED_FIELDS_FILE_STORAGE |
No | 'secured_fields.storage.EncryptedFileSystemStorage' |
File storage class used for storing encrypted file/image fields. See EncryptedStorageMixin |
APIs
Field Arguments
Name | Type | Required | Default | Description |
---|---|---|---|---|
searchable |
bool |
No | False |
Enable search function |
Encryption
> from secured_fields.fernet import get_fernet
> data = b'test'
> encrypted_data = get_fernet().encrypt(data)
> encrypted_data
b'gAAAAABh2_Ry_thxLTuFFXeMc9hNttah82979JPuMSjnssRB0DmbgwdtEU5dapBgISOST_a_egDc66EG_ZtVu_EqF_69djJwuA=='
> get_fernet().decrypt(encrypted_data)
b'test'
EncryptedMixin
If you have a field which does not supported by the package, you can use EncryptedMixin
to enable encryption and search functionality for that custom field.
import secured_fields
from django.db import models
class EncryptedUUIDField(secured_fields.EncryptedMixin, models.UUIDField):
pass
task_id = EncryptedUUIDField(searchable=True)
EncryptedStorageMixin
If you use a custom file storage class (e.g. defined in settings.py
's DEFAULT_FILE_STORAGE
), you can enable file encryption using EncryptedStorageMixin
.
import secured_fields
from minio_storage.storage import MinioMediaStorage
class EncryptedMinioMediaStorage(
secured_fields.EncryptedStorageMixin,
MinioMediaStorage,
):
pass
Known Limitation
in
lookup onJSONField
is not available- Large files are not performance-friendly at the moment (see #2)
- Search on
BinaryField
does not supported at the moment (see #6) - Changing
searchable
value in a field with the records in the database is not supported (see #7)
Development
Requirements
- Docker
- Poetry
- MySQL Client
brew install mysql-client
echo 'export PATH="/usr/local/opt/mysql-client/bin:$PATH"' >> ~/.bash_profile
Running Project
-
Start backend databases
make up-db
-
Run tests (see: Testing)
Linting
make lint
Testing
make test
Fix Formatting
make yapf
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for django_secured_fields-0.4.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 073ce06ae638e37a0f215e98c3c504915848891d01d9710b7f969465b7cb3ccb |
|
MD5 | 37bfec5afa0aa92087008f25045da6d4 |
|
BLAKE2b-256 | a5ec7320355481172933f729922c5d8b056e47248b8aea59cc42f8245aca09d8 |
Close
Hashes for django_secured_fields-0.4.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 890ba706f6da5e43b7b92d1d5df2ea57a9b57e2b887b53793a0b9401a6c1eadc |
|
MD5 | 1249f7cbb3f88294d7e3ece109ab80bc |
|
BLAKE2b-256 | a2b8f0efc4876bc6a1a568ad381429823174bce67c85f5c513a9bdb59a57c3c2 |