معرفی شرکت ها

django-rest-encrypted-lookup-0.9.5

Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر

توضیحات

Replace Rest Framework's IntegerField pk or id lookups with encrypted strings.
ویژگی مقدار
سیستم عامل -
نام فایل django-rest-encrypted-lookup-0.9.5
نام django-rest-encrypted-lookup
نسخه کتابخانه 0.9.5
نگهدارنده []
ایمیل نگهدارنده []
نویسنده InterSIS Foundation
ایمیل نویسنده dev@sigmaeducation.com
آدرس صفحه اصلی https://intersis.org/
آدرس اینترنتی https://pypi.org/project/django-rest-encrypted-lookup/
مجوز GNU General Public License v3 (GPLv3)
[![PyPI](https://img.shields.io/pypi/dm/django-rest-encrypted-lookup.svg)]() [![Build Status](https://travis-ci.org/InterSIS/django-rest-encrypted-lookup.svg?branch=master)](https://travis-ci.org/InterSIS/django-rest-encrypted-lookup) django-rest-encrypted-lookup ============= Drop-in ViewSets, Serializers, and Fields that replace your IntegerField pk or id lookups with encrypted string lookups. Use a single cipher across your entire project, or provide a unique cipher for each serializer, model, user, and/or client. The json representation of a poll: ``` { "id": 5, "questions": [ 2, 10, 12, ] } ``` becomes: ``` { "id": "4xoh7gja2mtvz3i47ywy5h6ouu", "questions": [ "t6y4zo26vutj4xclh5hpy3sc5m", "hp7c75ggggiwv6cs5zc4mpzeoe", "rqq5a2evfokyo7tz74loiu3bcq", ] } ``` Choose a user-by-user cipher such that: ``` # User A GETs /api/polls/ and receives: { "results": [ "4xoh7gja2mtvz3i47ywy5h6ouu", "12gc75ggggiwv6cs5zc4mpzeoe", ] } # User B GETs /api/polls/ and receives: { "results": [ "rqq5a2evfokyo7tz74loiu3bcq", "hp7c75g84g63v6cs5zc423zeoe", ] } ``` If you prefer hyperlinked related fields: ``` { "id": "4xoh7gja2mtvz3i47ywy5h6ouu", "questions": [ "https://example.com/api/questions/t6y4zo26vutj4xclh5hpy3sc5m/", "https://example.com/api/questions/hp7c75ggggiwv6cs5zc4mpzeoe/", "https://example.com/api/questions/rqq5a2evfokyo7tz74loiu3bcq/", ] } ``` The endpoint: ``` /api/polls/5/ ``` becomes: ``` /api/polls/4xoh7gja2mtvz3i47ywy5h6ouu/ ``` Encrypted lookups are *not* appropriate to use as a security measure against users guessing object URIs. Encrypted lookups *are* appropriate to use as a method of obfuscating object pks/ids. Installation =============== Install the module in your Python distribution or virtualenv: $ pip install django-rest-encrypted-lookup Add the application to your `INSTALLED_APPS`: ``` INSTALLED_APPS = ( ... "rest_framework_encrypted_lookup", ... ) ``` And in settings.py: ``` ENCRYPTED_LOOKUP = { 'lookup_field_name': 'id', # String value name of your drf lookup field, generally 'id' or 'pk' 'secret_key': 'uniquesecret', # Choose a string value unique secret key with which to encrypt your lookup fields }, ``` How it Works ============ Encrypted lookup strings are *not* stored in the database in association with the objects they represent. Encrypted lookups are generated by the model serializers during response composition. Encrypted lookups presented in the endpoint URI are decrypted in the call to dispatch, and encrypted lookups presented in data fields are decrypted by the model deserializers. Encryption is provided by the PyCrypto AES library. Use === django-rest-encrypted-lookup provides three field classes: from rest_framework_encrypted_lookup.fields import EncryptedLookupField, EncryptedLookupRelatedField, EncryptedLookupHyperlinkedRelatedField two new serializer classes: from rest_framework_encrypted_lookup.serializers import EncryptedLookupModelSerializer, EncryptedLookupHyperlinkedModelSerializer and a generic view class: from rest_framework_encrypted_lookup.views import EncryptedLookupGenericViewSet Use these in place of the classes provided with Django Rest Framework 3. Example: ``` # models.py ... class Poll(models.Model): ... # serializers.py ... class PollSerializer(EncryptedLookupModelSerializer): class Meta: model = Poll # views.py ... from rest_framework import viewsets class PollViewSet(EncryptedLookupGenericViewSet, viewsets.mixins.ListModelMixin, viewsets.mixins.RetrieveModelMixin, ... ) queryset = Poll.objects.all() serializer_class = PollSerializer lookup_field = 'id' ``` Of the classes included in this package, the example above makes use of `EncryptedLookupModelSerializer`, and `EncryptedLookupGenericViewSet`. The fields `EncryptedLookupField`, `EncryptedLookupRelatedField` are used implicitly by the EncryptedLookupModelSerializer. These fields may also be used explicitly, if needed. We could have used `EncryptedLookupHyperlinkedModelSerializer` instead of `EncryptedLookupModelSerializer`: ``` # serializers.py ... class PollSerializer(EncryptedLookupHyperlinkedModelSerializer): class Meta: model = Poll ``` In this case, PollSerializer would serialize related fields as hyperlinks, using the `EncryptedHyperlinkedLookupRelatedField`. By default, every encrypted-lookup serializer class will use the same cypher. You can choose a non-default cypher by overwriting your serializer's `get_cypher` method. Here is a ```get_cypher``` method that will produce a unique cypher per-model: ``` from rest_framework_encrypted_lookup.utils import IDCipher from rest_framework_encrypted_lookup.settings import encrypted_lookup_settings class MyEncryptedLookupModelSerializer(EncryptedLookupModelSerializer): def get_cipher(self): return IDCipher(secret=encrypted_lookup_settings['secret_key']+self.Meta.model) ``` Here is a ```get_cypher``` method that will produce a unique cypher per-user: ``` from rest_framework_encrypted_lookup.utils import IDCipher from rest_framework_encrypted_lookup.settings import encrypted_lookup_settings class MyEncryptedLookupModelSerializer(EncryptedLookupModelSerializer): def get_cipher(self): # Let's suppose that a user must be logged in to reach this endpoint. return IDCipher(secret=encrypted_lookup_settings['secret_key']+self._context["request"].user.username) ``` Compatibility ============= * Django Rest Framework 3.0, 3.1 * Django 1.6, 1.7, 1.8 * Python 2.7, 3.3, 3.4 See tox.ini for specific minor versions tested. Additional Requirements ======================= * PyCrypto 2.6.1 Todo ==== * Helpful exceptions. * Coverage. Getting Involved ================ Feel free to open pull requests or issues. GitHub is the canonical location of this project.


نحوه نصب


نصب پکیج whl django-rest-encrypted-lookup-0.9.5:

    pip install django-rest-encrypted-lookup-0.9.5.whl


نصب پکیج tar.gz django-rest-encrypted-lookup-0.9.5:

    pip install django-rest-encrypted-lookup-0.9.5.tar.gz