Skip to main content

A simple Django package to facilitate request signing.

Project description

DRF Simple API Signing (SASigning) Introduction

STATUS

  • First Release (29 July 2018)

API Signing Benefits

  1. Identity Verification: You are sure that the request is coming from who you are expecting.

  2. You are sure that the message is not altered in communication channels.

  3. You can prevent relay attack (optional).

API Signing Workflow

Pseudo code explaining steps of API Signing Check in API:

1. Read a signature from header.
2. Construct the message. It may consist of
   * Secret Key
   * Request Method (PUT, GET, POST, ..)
   * URL Endpoint.
   * Request Body.
   * other arguments
those parameters are concatenated and separated by **delimeter** symbol.
3. Hash it with SHA256 using the Secret Key.

What SASigning Do?

SASigning provides an easy way to configure your API to accept, check and define signatures. It allows you to review plugin the signature checking in your flow.

SASIGNING DOCUMENTATION

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

drf-simple-api-signing-1.0.2.tar.gz (207.7 kB view details)

Uploaded Source

Built Distribution

drf_simple_api_signing-1.0.2-py3-none-any.whl (7.0 kB view details)

Uploaded Python 3

File details

Details for the file drf-simple-api-signing-1.0.2.tar.gz.

File metadata

  • Download URL: drf-simple-api-signing-1.0.2.tar.gz
  • Upload date:
  • Size: 207.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.23.4 CPython/3.5.0

File hashes

Hashes for drf-simple-api-signing-1.0.2.tar.gz
Algorithm Hash digest
SHA256 43101eb378c87bc64e443fe0251455b842d0ad21326f4753ec280c41022cbbf7
MD5 f1dbd42c02ca40161f01ceefa3410544
BLAKE2b-256 d2ae77c35e3bb1d916347dfc9a0d9ac4b31e3631418f9a7660d7238fed954b91

See more details on using hashes here.

File details

Details for the file drf_simple_api_signing-1.0.2-py3-none-any.whl.

File metadata

  • Download URL: drf_simple_api_signing-1.0.2-py3-none-any.whl
  • Upload date:
  • Size: 7.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.23.4 CPython/3.5.0

File hashes

Hashes for drf_simple_api_signing-1.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 92abe690b3e4795334757815bbcf83e4cf7098f9230769638514a7a84f984269
MD5 e151f59eda3adfacbb08bf29a95dac60
BLAKE2b-256 86ef710ceee1b3075a56a302cd9fb2e026848dacaf38160c0bde36941769dfa4

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page