I am planning design an encrypted time-limited API on both Client and Server sides, the server side is written in Django, the client side is a GUI program which call the API by
import requests c = requests.post("http://127.0.0.1:8000/VideoParser/", data={'videoUrl': videoUrl }) The way it call the API is desperately exposed to those who can use network traffic capturing tools like wireshark and fiddler, while I don't want anyone else could call the API with their customized videoUrl, and if people made the post call with the same parameters 2 minutes later after the client initially made the call, the call should be valid or expired, so how to design the encrypted time-limited API on both Client and Server side in this case ? ------------------------------ P.S. I think add an identifier to the post data could prevent them using the API import requests c = requests.post("http://127.0.0.1:8000/VideoParser/", data={'videoUrl': videoUrl, 'identifier':value_of_identifier }) provided there is something encrypted in the value_of_identifier and it changes with each call, but I don't know how to get started, any idea ? It would be better to show some code , I really don't know how to start to write code. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/c90bd293-f44a-4916-bffa-1fae0663ed0e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.