David542
Reputation: 110382
Storing an api_key, api_pass
I want to store a user's API_KEY and API_PASSWORD, obscured in my database. I do need to be readily view them (for authentication) and to be able to display to the user if they want to view it. What would be a good way to do this?
def create_key(self, user):
key = str(uuid.uuid4()).replace('-','')
key_saved_in_database = # ?
user.key = key_saved_in_database
user.save()
def view_key(self, user):
key_saved_in_database = user.key
key = # ?
return key
What are some possible ways to do this?
Upvotes: 0
Views: 144
Answers (1)
Gábor Bakos
Reputation: 9100
A basic implementation with xoring might look like this:
def infiniteSecret(secret):
num = 0
while true:
yield secret[num % len(secret)]
num += 1
#one direction
key_saved_in_database = map(lambda a, b: a ^ b, zip(infiniteSecret(secret), key))
#other direction
key = map(lambda a, b: a ^ b, zip(infiniteSecret(secret), key_saved_in_database))
Upvotes: 1
Related Questions
- Storing REST API credentials safely for access in a Python environment
- Best Practices Python - Where to store API KEYS/TOKENS
- How to use API Key without directly using it in the Python code?
- Storing API keys on server
- The best way to allow users to save their 3rd party API keys for python package
- Where to store my API key in an open source Python Script
- Secure Way to Store Credentials for an API python module
- Storing API keys and passwords in web2py
- How to store API keys in a PyPI project?
- Django best practice for storing access keys