Skip to content
Replace Rest Framework's IntegerField pk or id lookups with encrypted strings.
Branch: master
Clone or download

README.md

Build Status Code Climate Coverage Status PyPI version

django-rest-encrypted-lookup

Drop-in ViewSets, Serializers, and Fields that replace your IntegerField pk or id lookups with encrypted string lookups.

Use a single cipher across your entire project, or provide a unique cipher for each serializer, model, user, and/or client.

The json representation of a poll:

    {
        "id": 5,
        "questions": [
                      2,
                      10,
                      12,
        ]
    }

becomes:

    {
        "id": "4xoh7gja2mtvz3i47ywy5h6ouu",
        "questions": [
                      "t6y4zo26vutj4xclh5hpy3sc5m",
                      "hp7c75ggggiwv6cs5zc4mpzeoe",
                      "rqq5a2evfokyo7tz74loiu3bcq",
        ]
    }

Choose a user-by-user cipher such that:

    # User A GETs /api/polls/ and receives:
    
    {
        "results": [
                    "4xoh7gja2mtvz3i47ywy5h6ouu",
                    "12gc75ggggiwv6cs5zc4mpzeoe",
        ]
    }
    
    # User B GETs /api/polls/ and receives:
    
    {
        "results": [
                    "rqq5a2evfokyo7tz74loiu3bcq",
                    "hp7c75g84g63v6cs5zc423zeoe",
        ]
    }

If you prefer hyperlinked related fields:

    {
        "id": "4xoh7gja2mtvz3i47ywy5h6ouu",
        "questions": [
                      "https://example.com/api/questions/t6y4zo26vutj4xclh5hpy3sc5m/",
                      "https://example.com/api/questions/hp7c75ggggiwv6cs5zc4mpzeoe/",
                      "https://example.com/api/questions/rqq5a2evfokyo7tz74loiu3bcq/",
        ]
    }

The endpoint:

    /api/polls/5/

becomes:

    /api/polls/4xoh7gja2mtvz3i47ywy5h6ouu/

Encrypted lookups are not appropriate to use as a security measure against users guessing object URIs. Encrypted lookups are appropriate to use as a method of obfuscating object pks/ids.

Installation

Install the module in your Python distribution or virtualenv:

$ pip install django-rest-encrypted-lookup

Add the application to your INSTALLED_APPS:

  INSTALLED_APPS = (
  ...
  "rest_framework_encrypted_lookup",
  ...
  )

And in settings.py:

  ENCRYPTED_LOOKUP = {
      'lookup_field_name': 'id',  # String value name of your drf lookup field, generally 'id' or 'pk'
      'secret_key': 'uniquesecret',  # Choose a string value unique secret key with which to encrypt your lookup fields
  }

How it Works

Encrypted lookup strings are not stored in the database in association with the objects they represent. Encrypted lookups are generated by the model serializers during response composition. Encrypted lookups presented in the endpoint URI are decrypted in the call to dispatch, and encrypted lookups presented in data fields are decrypted by the model deserializers.

Encryption is provided by the PyCrypto AES library.

Use

django-rest-encrypted-lookup provides three field classes:

from rest_framework_encrypted_lookup.fields import EncryptedLookupField, EncryptedLookupRelatedField, EncryptedLookupHyperlinkedRelatedField

two new serializer classes:

from rest_framework_encrypted_lookup.serializers import EncryptedLookupModelSerializer, EncryptedLookupHyperlinkedModelSerializer

and a generic view class:

from rest_framework_encrypted_lookup.views import EncryptedLookupGenericViewSet

Use these in place of the classes provided with Django Rest Framework 3.

Example:

    # models.py
    ...
    class Poll(models.Model):
        ...
        
        
    # serializers.py
    ...
    class PollSerializer(EncryptedLookupModelSerializer):

        class Meta:
            model = Poll
            
            
    # views.py
    ...
    from rest_framework import viewsets
    
    class PollViewSet(EncryptedLookupGenericViewSet,
                      viewsets.mixins.ListModelMixin,
                      viewsets.mixins.RetrieveModelMixin,
                      ...
                     )
        
        queryset = Poll.objects.all()
        serializer_class = PollSerializer
        
        lookup_field = 'id'
    
    
    # urls.py
    ...
    from rest_framework import router
    from polls import views
    
        router = routers.SimpleRouter()
        router.register(r'polls', views.PollViewSet)

        urlpatterns = [
            url(r'^admin/', include(admin.site.urls)),
            url(r'^', include(router.urls)),
        ]
            
            

Of the classes included in this package, the example above makes use of EncryptedLookupModelSerializer, and EncryptedLookupGenericViewSet.

The fields EncryptedLookupField, EncryptedLookupRelatedField are used implicitly by the EncryptedLookupModelSerializer. These fields may also be used explicitly, if needed.

We could have used EncryptedLookupHyperlinkedModelSerializer instead of EncryptedLookupModelSerializer:

    # serializers.py
    ...
    class PollSerializer(EncryptedLookupHyperlinkedModelSerializer):

        class Meta:
            model = Poll

In this case, PollSerializer would serialize related fields as hyperlinks, using the EncryptedHyperlinkedLookupRelatedField.

By default, every encrypted-lookup serializer class will use the same cypher. You can choose a non-default cypher by overwriting your serializer's get_cypher method. Here is a get_cypher method that will produce a unique cypher per-model:

    from rest_framework_encrypted_lookup.utils import IDCipher
    from rest_framework_encrypted_lookup.settings import encrypted_lookup_settings

    class MyEncryptedLookupModelSerializer(EncryptedLookupModelSerializer):
        
        def get_cipher(self):
            return IDCipher(secret=encrypted_lookup_settings['secret_key']+self.Meta.model)

Here is a get_cypher method that will produce a unique cypher per-user:

    from rest_framework_encrypted_lookup.utils import IDCipher
    from rest_framework_encrypted_lookup.settings import encrypted_lookup_settings

    class MyEncryptedLookupModelSerializer(EncryptedLookupModelSerializer):
        
        def get_cipher(self):
            # Let's suppose that a user must be logged in to reach this endpoint.
            
            return IDCipher(secret=encrypted_lookup_settings['secret_key']+self._context["request"].user.username)

Compatibility

  • Django Rest Framework 3.0, 3.1
  • Django 1.7, 1.8
  • Python 2.7, 3.3, 3.4

See tox.ini for specific minor versions tested.

Additional Requirements

  • PyCrypto 2.6.1

Todo

  • Helpful exceptions.
  • Coverage.

Getting Involved

Feel free to open pull requests or issues. GitHub is the canonical location of this project.

Here's the general sequence of events for contribution:

  1. Open an issue in the issue tracker.
  2. In any order:
  • Submit a pull request with a failing test that demonstrates the issue/feature.
  • Get acknowledgement/concurrence.
  1. Submit pull request that passes your test in (2). Include documentation, if appropriate.
You can’t perform that action at this time.