Keep in mind that obfuscation isn't security, so the answer really depend on your goal. Are you concerned about auto-incrementing integer IDs being sequential in REST urls? If so, use named slugs or UUIDs from django-extensions. UUIDs aren't obfuscated from a security perspective (they can be deduced), but sufficient for most purposes to make sequencing not obvious. You can also use the M2Crypto library to generate a random token and use that to add a home-grown access key. The snippet below isn't complete, but hopefully gives you an idea.
.... models.py --
import M2Crypto
from django_extensions.db import fields as extensions
class Foo(models.Model):
uuid = extensions.UUIDField(
editable=False,
help_text="Automatically generated globally unique ID.")
token = models.CharField(
help_text="Automatically generated authorization token",
max_length=255,
editable=False, default=None, blank=True, null=True)
def save(self, *args, **kwargs):
""" set the authorization token on first save """
if not self.id:
self.token = base64.urlsafe_b64encode(
M2Crypto.m2.rand_bytes(16))
super(Foo, self).save(*args, **kwargs)
-- views.py --
from django.views.generic import DetailView
class FooTokenView(DetailView):
def get_object(self):
object = get_object_or_404(Foo,
uuid=self.kwargs['uuid'],
token=self.kwargs['token'])
return object
---
Brian Schott
[email protected]
On May 27, 2012, at 11:14 AM, Marcin Tustin wrote:
> Why would you want this? Arbitrary integers are already completely opaque.
>
> On Sun, May 27, 2012 at 4:12 PM, forrest yang <[email protected]> wrote:
> Just try to convert the increasing numeric id in the database to some other
> obfuscated id.
> The lib need to support long type integer range conversion and convert in two
> directions.
> Is there are some id obfuscate libs in django or widely used in django
> community?
>
> Any one knows that?
>
> Thanks
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/0lkBciSL24MJ.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>
>
> --
> Marcin Tustin
> Tel: 07773 787 105
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
smime.p7s
Description: S/MIME cryptographic signature
