Hopiu/django-fernet-encrypted-fields
1
0
Fork 0
mirror of https://github.com/jazzband/django-fernet-encrypted-fields.git synced 2026-03-16 22:40:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
No description
50 commits 1 branch 0 tags 186 KiB
Python 100%
Find a file
pre-commit-ci[bot] f666e46bd8
[pre-commit.ci] pre-commit autoupdate 
updates:
- [github.com/asottile/pyupgrade: v3.19.1 → v3.20.0](https://github.com/asottile/pyupgrade/compare/v3.19.1...v3.20.0)
2025-05-26 17:17:58 +00:00
.github/workflows Add pre-commit config and fix for it 2025-01-06 11:38:01 +09:00
encrypted_fields Fixed getting SECRET_KEY_FALLBACKS for django <4.1 2025-02-18 15:26:33 +01:00
package_test Added ability to use Django's SECRET_KEY_FALLBACKS to rotate secret key 2025-02-18 15:11:15 +01:00
.gitignore Add pre-commit config and fix for it 2025-01-06 11:38:01 +09:00
.pre-commit-config.yaml [pre-commit.ci] pre-commit autoupdate 2025-05-26 17:17:58 +00:00
LICENCE.txt Add pre-commit config and fix for it 2025-01-06 11:38:01 +09:00
manage.py setup github actions with black, flake8, testing and coverage 2022-04-21 14:15:59 +02:00
pyproject.toml Add pre-commit config and fix for it 2025-01-06 11:38:01 +09:00
README.md Fix version and typo 2025-02-21 12:00:53 +09:00
requirements.txt Fix github workflow 2025-01-06 11:18:01 +09:00
setup.py Fix version and typo 2025-02-21 12:00:53 +09:00

README.md

Pypi Package Jazzband

Django Fernet Encrypted Fields

This package was created as a successor to django-encrypted-fields.

Getting Started

$ pip install django-fernet-encrypted-fields

In your settings.py, set random SALT_KEY

SALT_KEY = '0123456789abcdefghijklmnopqrstuvwxyz'

Then, in models.py

from encrypted_fields.fields import EncryptedTextField

class MyModel(models.Model):
    text_field = EncryptedTextField()

Use your model as normal and your data will be encrypted in the database.

Rotating SALT keys

You can rotate salt keys by turning the SALT_KEY settings.py entry into a list. The first key will be used to encrypt all new data, and decryption of existing values will be attempted with all given keys in order. This is useful for key rotation: place a new key at the head of the list for use with all new or changed data, but existing values encrypted with old keys will still be accessible

SALT_KEY = [
    'zyxwvutsrqponmlkjihgfedcba9876543210',
    '0123456789abcdefghijklmnopqrstuvwxyz'
]

Rotating SECRET_KEY

When you would want to rotate your SECRET_KEY, set the new value and put your old secret key value to SECRET_KEY_FALLBACKS list. That way the existing encrypted fields will still work, but when you re-save the field or create new record, it will be encrypted with the new secret key. (supported in Django >=4.1)

SECRET_KEY = "new-key"
SECRET_KEY_FALLBACKS = ["old-key"]

If you wish to update the existing encrypted records simply load and re-save the models to use the new key.

for obj in MyModel.objects.all():
    obj.save()

Available Fields

Currently build in and unit-tested fields. They have the same APIs as their non-encrypted counterparts.

  • EncryptedCharField
  • EncryptedTextField
  • EncryptedDateTimeField
  • EncryptedIntegerField
  • EncryptedFloatField
  • EncryptedEmailField
  • EncryptedBooleanField
  • EncryptedJSONField

Compatible Django Version

Compatible Django Version Specifically tested
3.2 ✔️
4.0 ✔️
4.1 ✔️
4.2 ✔️
5.0 ✔️
5.1 ✔️