Is there are some id obfuscate libs in django?

[forrest yang]

Just try to convert the increasing numeric id in the database to some other obfuscated id.
The lib need to support long type integer range conversion and convert in two directions.
Is there are some id obfuscate libs in django or widely used in django community?

Any one knows that?

Thanks

[Marcin Tustin]

Why would you want this? Arbitrary integers are already completely opaque.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/0lkBciSL24MJ.
To post to this group, send email to django...@googlegroups.com.
To unsubscribe from this group, send email to django-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

--
Marcin Tustin
Tel: 07773 787 105

[Brian Schott]

Keep in mind that obfuscation isn't security, so the answer really depend on your goal.  Are you concerned about auto-incrementing integer IDs being sequential in REST urls?  If so, use named slugs or UUIDs from django-extensions.  UUIDs aren't obfuscated from a security perspective (they can be deduced), but sufficient for most purposes to make sequencing not obvious.  You can also use the M2Crypto library to generate a random token and use that to add a home-grown access key.  The snippet below isn't complete, but hopefully gives you an idea.

.... models.py --

import M2Crypto

from django_extensions.db import fields as extensions

class Foo(models.Model):

    uuid = extensions.UUIDField(

        editable=False,

        help_text="Automatically generated globally unique ID.")

    token = models.CharField(

        help_text="Automatically generated authorization token",

        max_length=255,

        editable=False, default=None, blank=True, null=True)

    def save(self, *args, **kwargs):

        """ set the authorization token on first save """

        if not self.id:

            self.token = base64.urlsafe_b64encode(

                M2Crypto.m2.rand_bytes(16))

        super(Foo, self).save(*args, **kwargs)

-- views.py --

from django.views.generic import DetailView

class FooTokenView(DetailView):

    def get_object(self):

        object = get_object_or_404(Foo,

                                   uuid=self.kwargs['uuid'],

                                   token=self.kwargs['token'])

        return object

---

Brian Schott

bfsc...@gmail.com

[forrest yang]

Thanks, BFSchott

I found a lib at last.

https://github.com/JordanReiter/django-id-obfuscator

Thanks

Brian Schott

bfsc...@gmail.com

To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.

For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

--
Marcin Tustin
Tel: 07773 787 105

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django...@googlegroups.com.

To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.