orcasgit / django-fernet-fields
Fernet symmetric encryption for Django model fields
License: BSD 3-Clause "New" or "Revised" License
Just a heads up that the following has started showing up:
django.utils.deprecation.RemovedInDjango30Warning: Remove the context parameter from EncryptedTextField.from_db_value(). Support for it will be removed in Django 3.0.
It seems to be referring to this code, which fortunately doesn't actually use that param:
django-fernet-fields/fernet_fields/fields.py
Lines 74 to 77 in fae8159
Thank you for this very useful library!
Hello, I've got an issue with django-fernet-fields. I am using Django 1.11 and django-fernet-fields 0.5. When I am trying to access a model that contains 2 attributes encrypted as EncryptedTextField, even from the admin site, Django is raising this error:
[2019/08/16 08:55:27] django.request ERROR [...] Internal Server Error: /admin/...
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/cryptography/fernet.py", line 104, in _verify_signature
h.verify(data[-32:])
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/primitives/hmac.py", line 66, in verify
ctx.verify(signature)
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/hmac.py", line 74, in verify
raise InvalidSignature("Signature did not match digest.")
cryptography.exceptions.InvalidSignature: Signature did not match digest.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
...
File "/usr/local/lib/python3.6/site-packages/cryptography/fernet.py", line 75, in decrypt
return self._decrypt_data(data, timestamp, ttl)
File "/usr/local/lib/python3.6/site-packages/cryptography/fernet.py", line 117, in _decrypt_data
self._verify_signature(data)
File "/usr/local/lib/python3.6/site-packages/cryptography/fernet.py", line 106, in _verify_signature
raise InvalidToken
cryptography.fernet.InvalidToken
I am not defining any key for encryption/decryption, so I assume (according to the docs) that the key used to encrypt/decrypt is my Django secret key. I am pretty sure this key has not changed (the only thing I changed was my database address, but it is exactly the same database).
If you can point me in the right direction to solve this issue, that would be great. Otherwise, there might be an issue with django-fernet-fields.
Thanks in advance.
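Added example, not part of the issue above or of django-fernet-fields: the traceback shows the failure comes from Fernet's HMAC check, which runs before any decryption, so you can test which candidate key authenticates a stored token without decrypting it. It assumes the candidates are already in Fernet's 32-byte URL-safe base64 form (the library's derivation from SECRET_KEY is not reproduced here); the function names, keys and token are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

FERNET_VERSION = 0x80  # first byte of every Fernet token


def _b64decode(value):
    """URL-safe base64 decode of str/bytes/memoryview, tolerating missing padding."""
    data = value.encode("ascii") if isinstance(value, str) else bytes(value)
    return base64.urlsafe_b64decode(data + b"=" * (-len(data) % 4))


def token_mac_matches(token, fernet_key):
    """Return True if fernet_key's signing half authenticates the token."""
    raw, key = _b64decode(token), _b64decode(fernet_key)
    if len(key) != 32:
        raise ValueError("a Fernet key is 32 bytes: 16 signing + 16 encryption")
    # Layout: version(1) | timestamp(8) | IV(16) | ciphertext(>=16) | HMAC(32)
    if len(raw) < 73 or raw[0] != FERNET_VERSION:
        return False
    body, mac = raw[:-32], raw[-32:]
    expected = hmac.new(key[:16], body, hashlib.sha256).digest()
    return hmac.compare_digest(mac, expected)


def find_signing_key(token, candidate_keys):
    """Index of the first candidate key that authenticates the token, else None."""
    for index, key in enumerate(candidate_keys):
        if token_mac_matches(token, key):
            return index
    return None


def make_sample_token(fernet_key, timestamp=1565945727):
    """Build a constructed token (dummy IV and ciphertext) with a valid HMAC."""
    body = (bytes([FERNET_VERSION]) + struct.pack(">Q", timestamp)
            + b"\x11" * 16 + b"\x22" * 16)
    mac = hmac.new(_b64decode(fernet_key)[:16], body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(body + mac)


# Constructed sample keys; real ones come from your settings, never from here.
KEY_OLD = base64.urlsafe_b64encode(bytes(range(32)))
KEY_NEW = base64.urlsafe_b64encode(bytes(range(32, 64)))
SAMPLE_TOKEN = make_sample_token(KEY_OLD)

if __name__ == "__main__":
    print(find_signing_key(SAMPLE_TOKEN, [KEY_NEW, KEY_OLD]))
```

If every key you hold returns None for a raw column value, the row was written under a different key or the stored bytes were changed on the way in or out of the database.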
In the docs or in this issue number can someone explain how to decrypt the fields when you want to see the encrypted data again? Can you view the decrypted data automatically in admin or the database (postgresql, sqlite, etc)? Please provide code examples and easy descriptions on how to do the decryption. Does it have to be decrypted in the command line? Where do the keys come in and how do you use them?
edit: Figured out that encryption and decryption happens from the SECRET_KEY automatically.
Deploying an app that depends on django-fernet-fields on Heroku does not work out-of-the-box if only django-fernet-fields is specified on the requirements.txt (i.e. not its dependencies).
Heroku needs to know the app explicitly depends on cffi to install libffi. See:
https://github.com/heroku/heroku-buildpack-python/blob/5446d448fd3c06c369ff51c60344180796e7bf5d/bin/steps/cryptography#L23
Maybe it would be good to have a note about this on README?
In model AccountTransaction, as creation_timestamp we are using fernet_fields.EncryptedDateTimeField. And we just found that this field is losing timezone on save action.
Please see below code:
In [22]: at_z3 = AccountTransaction.objects.last()
In [22]: at_z3.creation_timestamp
Out[22]: datetime.datetime(2021, 10, 29, 3, 16, 6, 896068)
In [23]: at_z3.creation_timestamp = set_timezone(at_z3.creation_timestamp)
In [24]: at_z3.creation_timestamp
Out[24]: datetime.datetime(2021, 10, 29, 3, 16, 6, 896068, tzinfo=<DstTzInfo 'Europe/Berlin' CEST+2:00:00 DST>)
In [25]: at_z3.save()
In [26]: at_z4 = AccountTransaction.objects.last()
In [27]: at_z3
Out[27]: <AccountTransaction: f2d60076-ff91-4d98-8f63-7b2e896635e6-T613951385360465921.48974>
In [28]: at_z4
Out[28]: <AccountTransaction: f2d60076-ff91-4d98-8f63-7b2e896635e6-T613951385360465921.48974>
In [29]: at_z3.creation_timestamp
Out[29]: datetime.datetime(2021, 10, 29, 3, 16, 6, 896068, tzinfo=<DstTzInfo 'Europe/Berlin' CEST+2:00:00 DST>)
In [30]: at_z4.creation_timestamp
Out[30]: datetime.datetime(2021, 10, 29, 1, 16, 6, 896068)
I am experiencing the error indicated in the title. I am running Python 3.6.5 and am using the EncryptedCharField. Django 2.0
/venv/lib/python3.6/site-packages/fernet_fields/fields.py", line 76, in from_db_value
value = bytes(value)
TypeError: string argument without an encoding
Likely related to this? https://stackoverflow.com/a/37601966/5331935
The README mentions that only Python 3.4 is supported.
Are there any plans to support Python 3.5, or is there anything we can do so that Python 3.5 will be supported (Pull Request?)
Hello,
Encrypting the models is good, but after the encryption, if I want to get the data by the id of the row I get the exception error like mentioned above.
My Modal
from django.db import models
from fernet_fields import EncryptedCharField

class MyModal(models.Model):
    name = EncryptedCharField(max_length=50, default='')
My code
from django.http import HttpResponse
from app.models import MyModal

def get_details(request):
    data_id = request.GET.get('id')
    # Look the row up by primary key, not by the encrypted column
    data = MyModal.objects.filter(id=data_id)
    print(data)
    return HttpResponse('Success')
Can I hide origin field data in Django admin?
Show hash like Django passwords, or link with Show/Hide actions?
Does anyone know if there will be updates to support Django 3.x released soon? It looks like there is activity in Pull Requests / Issues, but the package author is nowhere to be found. Is the project abandoned?
Are there any plans to support File and Image fields?
Thanks!
This github project's EncryptedEmailField() is not compatible with allauth for encrypting an email during the allauth custom user model sign up process from my website's form. When I create a user from the command line or admin, this github project works perfectly. But when trying to create a user from the allauth sign up form, it gives me this error message:
Error:
django.core.exceptions.FieldError: EncryptedEmailField 'iexact' does not support lookups
I have the following custom user model:
import uuid

from django.contrib.auth.models import AbstractBaseUser, BaseUserManager, PermissionsMixin
from django.db import models
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
from fernet_fields import EncryptedEmailField


class CustomUserManager(BaseUserManager):
    def _create_user(self, email, password, is_staff, is_superuser, **extra_fields):
        now = timezone.now()
        if not email:
            raise ValueError('The given email must be set')
        email = self.normalize_email(email)
        user = self.model(email=email, is_staff=is_staff, is_active=True,
                          is_superuser=is_superuser, last_login=now, **extra_fields)
        user.set_password(password)
        user.save(using=self._db)
        return user

    def create_user(self, email, password=None, **extra_fields):
        return self._create_user(email, password, False, False, **extra_fields)

    def create_superuser(self, email, password, **extra_fields):
        return self._create_user(email, password, True, True, **extra_fields)


class CustomUser(AbstractBaseUser, PermissionsMixin):
    objects = CustomUserManager()
    # Stored encrypted; this is the field the 'iexact' lookup error refers to
    email = EncryptedEmailField()
    identifier = models.CharField(unique=True, max_length=50, default=uuid.uuid1)
    username = models.CharField(_('username'), max_length=30, blank=True, default='', unique=True)
    USERNAME_FIELD = 'username'
    first_name = models.CharField(_('first name'), max_length=30, blank=True)
    last_name = models.CharField(_('last name'), max_length=30, blank=True)
    is_staff = models.BooleanField(_('staff status'), default=False,
        help_text=_('Designates whether the user can log into this admin '
                    'site.'))
    is_mod = models.BooleanField(_('moderator status'), default=False,
        help_text=_('Designates whether the user can access mod pages and do mod things.'))
    is_active = models.BooleanField(_('active'), default=True,
        help_text=_('Designates whether this user should be treated as '
                    'active. Unselect this instead of deleting accounts.'))
    EMAIL_FIELD = 'email'
    REQUIRED_FIELDS = ['email']
Allauth files interfering with this:
https://github.com/pennersr/django-allauth/blob/master/allauth/utils.py#L145
https://github.com/pennersr/django-allauth/blob/master/allauth/account/forms.py#L336
https://github.com/pennersr/django-allauth/blob/master/allauth/account/adapter.py#L300
The main reason I want to do this is to protect myself from PII violations. Since allauth is probably the most popular django authentication package, I think this should be a required fix.
More details:
https://www.reddit.com/r/djangolearning/comments/fm7cnt/custom_user_model_encrypt_email/
I also created this same issue on the allauth github project page.
I've tried the following:
from django.contrib.postgres.fields import JSONField
from fernet_fields import EncryptedField

class EncryptedJSONField(EncryptedField, JSONField):
    ...

private_column = EncryptedJSONField(default=dict)
but got the following error:
django.db.utils.ProgrammingError: column "private_column" is of type jsonb but expression is of type bytea
Any suggestion?
This DeprecationWarning has started showing up in Django when using EncryptedCharField
/usr/local/lib/python3.6/dist-packages/fernet_fields/fields.py:77: RemovedInDjango40Warning: force_text() is deprecated in favor of force_str().
return self.to_python(force_text(self.fernet.decrypt(value)))