Keyring with Django
122 views
Skip to first unread message
Tumbelo
Oct 12, 2019, 3:05:07 AM10/12/19
to Django users
Hi,
I need to store some third party server passwords in Django, in
views.py to be more specific. Those are used for Paramiko SFTP
(machine-to-machine communication) and it's not possible to use keys
instead of passwords. For sure I don't like to write those passwords
directly to source code. I have figured out that Python Keyring would be
good way to store passwords and following short code works ok:
import keyring
try:
keyring.get_keyring()
keyring.set_password("system", "user", "passWORD")
pword = keyring.get_password("system", "user")
print pword
except Exception as e:
print e
I moved the code to Django (views.py):
from django.http import HttpResponse
import keyring
def index(request):
try:
keyring.get_keyring()
keyring.set_password("system", "user", "passWORD")
pword = keyring.get_password("system", "user")
return HttpResponse(pword)
except Exception as e:
return HttpResponse(e)Then I asked Django to run built-in development server by typing: sudo python manage.py runserver
Finally I browsed to correct localhost url. Result: browser was showing dialog requesting me to create (on first try) and then open (on next tries after I have created it) kdewallet.
Is it possible to use Keyring from Django without need for user interaction (= without those dialogs)? in the other words: how to configure Keyring to be used with Django?
Thanks in advance!
Mike Dewhirst
Oct 12, 2019, 4:37:34 AM10/12/19
to django...@googlegroups.com
On 12/10/2019 6:05 pm, Tumbelo wrote:
> Hi,
>
> I need to store some third party server passwords in Django, in
> views.py to be more specific. Those are used for Paramiko SFTP
> (machine-to-machine communication) and it's not possible to use keys
> instead of passwords. For sure I don't like to write those passwords
> directly to source code. I have figured out that Python Keyring would
> be good way to store passwords and following short code works ok:
>
> |importkeyring
> try:keyring.get_keyring()keyring.set_password("system","user","passWORD")pword
> Hi,
>
> I need to store some third party server passwords in Django, in
> views.py to be more specific. Those are used for Paramiko SFTP
> (machine-to-machine communication) and it's not possible to use keys
> instead of passwords. For sure I don't like to write those passwords
> directly to source code. I have figured out that Python Keyring would
> be good way to store passwords and following short code works ok:
>
> |importkeyring
> =keyring.get_password("system","user")printpword
> exceptExceptionase:printe |
>
> I moved the code to Django (views.py):
>
> |fromdjango.http importHttpResponseimportkeyring
> defindex(request):try:keyring.get_keyring()keyring.set_password("system","user","passWORD")pword
> exceptExceptionase:printe |
>
> I moved the code to Django (views.py):
>
> |fromdjango.http importHttpResponseimportkeyring
> =keyring.get_password("system","user")returnHttpResponse(pword)exceptExceptionase:returnHttpResponse(e)|
>
>
> Then I asked Django to run built-in development server by typing: sudo
> python manage.py runserver
>
> Finally I browsed to correct localhost url. Result: browser was
> showing dialog requesting me to create (on first try) and then open
> (on next tries after I have created it) kdewallet.
>
> Is it possible to use Keyring from Django without need for user
> interaction (= without those dialogs)? in the other words: how to
> configure Keyring to be used with Django?
>
I don't know.
>
> Then I asked Django to run built-in development server by typing: sudo
> python manage.py runserver
>
> Finally I browsed to correct localhost url. Result: browser was
> showing dialog requesting me to create (on first try) and then open
> (on next tries after I have created it) kdewallet.
>
> Is it possible to use Keyring from Django without need for user
> interaction (= without those dialogs)? in the other words: how to
> configure Keyring to be used with Django?
>
But maybe Keyring is overkill?
It is easy to fetch credentials stored on the machine without including
them in your code and therefore excluding them from your repo.
I use that technique for dozens of sets of credentials including
database credentials in settings, Stripe credentials in views etc etc. I
just use a plain text file and read it in. If you wanted to be fancy you
could encrypt on disk and decrypt them when needed. But I don't think
that is necessary. The machine itself has to be compromised before that
technique is insecure. You do need to be careful with machine backups
though if you have sensitive data in files.
There are other options for keeping sensitive data out of code and using
environment vars seems popular.
Mike
>
> Thanks in advance!
>
> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to django-users...@googlegroups.com
> <mailto:django-users...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/85dd1093-6f54-4aea-b8ff-d48e67b54942%40googlegroups.com
> <https://groups.google.com/d/msgid/django-users/85dd1093-6f54-4aea-b8ff-d48e67b54942%40googlegroups.com?utm_medium=email&utm_source=footer>.
Tumbelo
Oct 15, 2019, 10:50:26 AM10/15/19
to Django users
Hi,
Thanks for answer!
It may be overkill, but it seems so easy/useful from plain Python (test I did). I will probably head to env variants as it seems to be popular way to achieve what I'm trying.
Mohammad yunus
Oct 15, 2019, 11:04:04 AM10/15/19
to django...@googlegroups.com
What is this keyring?
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/85dd1093-6f54-4aea-b8ff-d48e67b54942%40googlegroups.com.
Tumbelo
Oct 15, 2019, 11:13:50 AM10/15/19
to Django users
Reply all
Reply to author
Forward
0 new messages