Store user secrets encrypted into database.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for pylucid from gravatar.com pylucid

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License (GPL), GNU General Public License v3 or later (GPLv3+) (GPL-3.0-or-later)
  • Author: Jens Diemer
  • Tags django, helpers
  • Requires: Python >=3.6, <4.0
Classifiers

Project description

Store user secrets encrypted into database.

Current project state: “Pre-Alpha”

Licence: GPL v3 or above

the idea

Store a user’s secrets in the database encrypted with his password.

Only the user can decrypt the stored data. His password is used for encryption and decryption. This password is only transmitted in plain text when logging in (Django itself only saves a salted hash of the password).

The intermediate-user-secret is decrypted and stored with the clear text password in RAM after successful login. All user secrets will be encrypted and decrypted with his intermediate-user-secret.

Limitations and/or facts:

  • Only the same user can decrypt his own data.

  • The decrypted data can only be used during an active session.

  • A intermediate-user-secret is used, so that a password can be changed without losing the encrypted data.

DEMO

Prepare: install poetry e.g.:

~$ sudo apt install python3-pip
~$ pip3 install -U pip --user
~$ pip3 install -U poerty --user

Clone the sources, e.g.:

~$ git clone https://github.com/jedie/django-user-secrets.git
~$ cd django-user-secrets

# install via poetry:
~/django-user-secrets$ poetry install

# Start Django dev. server:
~/django-user-secrets$ poetry run dev_server

You can also use our Makefile, e.g.:

~/django-user-secrets$ make help
help                 List all commands
install-poetry       install or update poetry
install              install django-user-secrets via poetry
update               update the sources and installation
lint                 Run code formatters and linter
fix-code-style       Fix code formatting
tox-listenvs         List all tox test environments
tox                  Run pytest via tox with all environments
tox-py36             Run pytest via tox with *python v3.6*
tox-py37             Run pytest via tox with *python v3.7*
tox-py38             Run pytest via tox with *python v3.8*
pytest               Run pytest
update-rst-readme    update README.rst from README.creole
publish              Release new version to PyPi
start-dev-server     Start Django dev. server with the test project

history

Note: this file is generated from README.creole 2020-07-04 18:52:44 with "python-creole"

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for pylucid from gravatar.com pylucid

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License (GPL), GNU General Public License v3 or later (GPLv3+) (GPL-3.0-or-later)
  • Author: Jens Diemer
  • Tags django, helpers
  • Requires: Python >=3.6, <4.0
Classifiers

Release history Release notifications | RSS feed

0.2.0

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-user-secrets-0.1.0.tar.gz (18.4 kB view hashes)

Uploaded Source

Built Distribution

django_user_secrets-0.1.0-py3-none-any.whl (26.5 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page