I am planning design an encrypted time-limited API on both Client and
Server sides, the server side is written in Django, the client side is a
GUI program which call the API by
import requests
c = requests.post("http://127.0.0.1:8000/VideoParser/";, data={'videoUrl':
videoUrl })
The way it call the API is desperately exposed to those who can use network
traffic capturing tools like wireshark and fiddler, while I don't want
anyone else could call the API with their customized videoUrl, and if
people made the post call with the same parameters 2 minutes later after
the client initially made the call, the call should be valid or expired, so
how to design the encrypted time-limited API on both Client and Server side
in this case ?
------------------------------
P.S. I think add an identifier to the post data could prevent them using
the API
import requests
c = requests.post("http://127.0.0.1:8000/VideoParser/";, data={'videoUrl':
videoUrl, 'identifier':value_of_identifier })
provided there is something encrypted in the value_of_identifier and it
changes with each call, but I don't know how to get started, any idea ?
It would be better to show some code , I really don't know how to start to
write code.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/c90bd293-f44a-4916-bffa-1fae0663ed0e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
