| Name | djsm JSON |
| Version |
0.1.51
JSON |
| download |
| home_page | None |
| Summary | Django package that allows you to store secrets encrypted in JSON and access them easily in your Django project. |
| upload_time | 2024-04-01 19:34:23 |
| maintainer | None |
| docs_url | None |
| author | None |
| requires_python | >=3.7 |
| license | None |
| keywords |
django
django secrets encryption
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# DJSM - Django JSON Secrets Manager
Django package that allows you to easily store and access your Django project's secrets like secret key, database password, etc., encrypted in a JSON file.
[View package on PyPI](https://pypi.org/project/djsm/)
## Installation and Quick Setup
* Install the package using pip.
```bash
pip install djsm
```
* Setup or update a '.env' file for your project.
```.env
DJSM_SECRETS_FILE_PATH = "./.enc/path/secrets.json"
# Assign path to file you want secrets to be stored in. Even if it does not exist yet
# NOT MANDATORY
DJSM_SECRET_KEY_NAME = "secretkey"
```
* Import the package in your Django project
In settings.py:
```python
import djsm
djsm.check_setup()
```
* Run server
```bash
python manage.py runserver
```
If everything was setup successfully, you should see "Setup OK!" on the terminal. Remember to remove the `djsm.check_setup()` line from your settings.py file.
## Usage
Before starting, a '.env' file has to be created. In the file, the following should be added;
* **`DJSM_SECRETS_FILE_PATH`** -> Path(preferably absolute) to file where all secrets will be stored.
Example:
```.env
DJSM_SECRETS_FILE_PATH = "/.enc/pathtofile/secrets.json"
```
* **`DJSM_SECRET_KEY_NAME`** -> Name with which the Django secret key should be stored.
Example:
```.env
DJSM_SECRET_KEY_NAME = 'django_secret_key'
```
### Using DJSM in the CLI
An easy way to start using DJSM in your project is by letting DJSM handle your django project's secret key. To do this:
* Add djsm to the project's list of installed apps.
In settings.py:
```python
INSTALLED_APPS = [
...,
'djsm',
....
]
```
* In the command line/terminal run the management command;
```bash
python manage.py use_djsm
```
You're ready to go. The secrets manager will automatically be created (based on the configurations defined in the .env file) in `your_project.settings.py` and the project's secret key will now be stored and served by the secrets manager. You can use this manager to also handle something like your database key like so.
```python
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'OPTIONS': {
'NAME': 'myproject_database'.
'USER': djsm_manager.get_secret('DB_USER'),
'PASSWORD': djsm_manager.get_secret('DB_PASSWORD'),
'HOST': 'localhost',
'PORT': '3306',
}
}
}
```
You could also use optional flags when running the above command. For example;
```bash
python manage.py use_djsm --as "secrets_manager"
```
Lets you define the name of the djsm in settings.py. Also, you could the `--quiet` flag to prevent the manager created from printing setup/process logs to the console.
```bash
python manage.py use_djsm --as "secrets_manager" --quiet
```
### Other CLI/Management commands
Apart from the `use_djsm` command, there are two other useful commands that can be run in your project.
* Add to or update existing secrets
```bash
python manage.py update_secrets "<secret_name>" "<secret_value>"
```
For example:
```bash
python manage.py update_secrets 'api_key' '32456789456sdtfg'
```
However, you should note that the value passed must be a JSON formatted string. See an example of saving a mapping of my django project's contact detail below.
```bash
python manage.py update_secrets 'project_emails' '{\"project_email\": \"support@myproject.com\", \"admin_email\": \"admin@myproject.com\"}'
```
* Change the encryption key used by the secrets manager.
```bash
python manage.py change_cryptkeys
```
* Clean up secrets and environment variables set by the secrets manager.
```bash
python manage.py djsm_cleanup
```
* Reload environment variables from .env file
```bash
python manage.py djsm_reload_env
```
### Manually creating and using a secrets manager
```python
import djsm
secrets_manager = djsm.get_djsm(quiet=False)
```
`get_djsm` returns a DJSM object instantiated using values defined in .env file after performing necessary checks.
You can set `quiet=True` if you do not want to see messages on the terminal. Although, important messages are always displayed.
To generate a new secret key or use and existing one. In settings.py:
```python
SECRET_KEY = secrets_manager.get_or_create_secret_key()
```
To update or add a new secret:
```python
new_secret = {"DB_PASSWORD": "db_password"}
secrets_manager.update_secrets(new_secret)
```
Once the update has been performed you can delete these lines.
To get a secret:
```python
# Get a secret, say DB_PASSWORD
db_password = secrets_manager.get_secret("DB_PASSWORD")
```
You can also create a djsm object independent of the configuration in the .env file. Read the next section for more info.
### `DjangoJSONSecretManager`
This class is the main class of the module. It provides the following methods:
* `get_secret(secret_name)` -> Returns the secret with the name `secret_name` if it exists, otherwise returns `None`
* `update_secrets(new_secrets)` -> Updates the secrets file with the new secrets provided in the `new_secrets` dictionary.
* `get_or_create_secret_key()` -> Returns the Django secret key if it exists, otherwise generates a new one and returns it.
* `change_cryptkeys()` -> Replaces the encryption keys used to encrypt and decrypt secrets with a new one.
* `clean_up()` -> Deletes the secrets file and clears all environment variables set by the module.
* `reload_env()` -> Reloads the environment variables from the .env file.
* `clean_up_and_reload()` -> Calls the `clean_up()` and `reload_env()` methods.
```python
from djsm import DJSM # DJSM is an alias for DjangoJSONSecretManager
# Create a DJSM object
secrets_manager = DJSM('./.enc/secrets.json')
```
**DO NOT DELETE `cryptkeys.json` or any of the encryption keys. IF YOU DO, ALL ENCRYPTED SECRET WILL BE LOST**
> NOTE: DJSM just provides an added layer of security in managing secrets in your application. It is not proven to be completely attack proof.
Contributions are welcome. Please fork the repository and submit a pull request.
Raw data
{
"_id": null,
"home_page": null,
"name": "djsm",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "\"Daniel T. Afolayan (ti-oluwa)\" <tioluwa.dev@gmail.com>",
"keywords": "Django, Django Secrets Encryption",
"author": null,
"author_email": "\"Daniel T. Afolayan (ti-oluwa)\" <tioluwa.dev@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/a0/47/3f731e00b0df315ac1a5aa661b39305be03ee485d2089581f5e36acffba3/djsm-0.1.51.tar.gz",
"platform": null,
"description": "# DJSM - Django JSON Secrets Manager\r\n\r\nDjango package that allows you to easily store and access your Django project's secrets like secret key, database password, etc., encrypted in a JSON file.\r\n\r\n[View package on PyPI](https://pypi.org/project/djsm/)\r\n\r\n## Installation and Quick Setup\r\n\r\n* Install the package using pip.\r\n\r\n```bash\r\npip install djsm\r\n```\r\n\r\n* Setup or update a '.env' file for your project.\r\n\r\n```.env\r\nDJSM_SECRETS_FILE_PATH = \"./.enc/path/secrets.json\" \r\n# Assign path to file you want secrets to be stored in. Even if it does not exist yet\r\n\r\n# NOT MANDATORY\r\nDJSM_SECRET_KEY_NAME = \"secretkey\"\r\n```\r\n\r\n* Import the package in your Django project\r\n\r\nIn settings.py:\r\n\r\n```python\r\nimport djsm\r\n\r\ndjsm.check_setup()\r\n```\r\n\r\n* Run server\r\n\r\n```bash\r\npython manage.py runserver\r\n```\r\n\r\nIf everything was setup successfully, you should see \"Setup OK!\" on the terminal. Remember to remove the `djsm.check_setup()` line from your settings.py file.\r\n\r\n## Usage\r\n\r\nBefore starting, a '.env' file has to be created. In the file, the following should be added;\r\n\r\n* **`DJSM_SECRETS_FILE_PATH`** -> Path(preferably absolute) to file where all secrets will be stored.\r\nExample:\r\n\r\n```.env\r\nDJSM_SECRETS_FILE_PATH = \"/.enc/pathtofile/secrets.json\"\r\n```\r\n\r\n* **`DJSM_SECRET_KEY_NAME`** -> Name with which the Django secret key should be stored.\r\nExample:\r\n\r\n```.env\r\nDJSM_SECRET_KEY_NAME = 'django_secret_key'\r\n```\r\n\r\n### Using DJSM in the CLI\r\n\r\nAn easy way to start using DJSM in your project is by letting DJSM handle your django project's secret key. To do this:\r\n\r\n* Add djsm to the project's list of installed apps.\r\n\r\nIn settings.py:\r\n\r\n```python\r\n\r\nINSTALLED_APPS = [\r\n ...,\r\n 'djsm',\r\n ....\r\n]\r\n```\r\n\r\n* In the command line/terminal run the management command;\r\n\r\n```bash\r\npython manage.py use_djsm\r\n```\r\n\r\nYou're ready to go. The secrets manager will automatically be created (based on the configurations defined in the .env file) in `your_project.settings.py` and the project's secret key will now be stored and served by the secrets manager. You can use this manager to also handle something like your database key like so.\r\n\r\n```python\r\n\r\nDATABASES = {\r\n 'default': {\r\n 'ENGINE': 'django.db.backends.mysql',\r\n 'OPTIONS': {\r\n 'NAME': 'myproject_database'.\r\n 'USER': djsm_manager.get_secret('DB_USER'),\r\n 'PASSWORD': djsm_manager.get_secret('DB_PASSWORD'),\r\n 'HOST': 'localhost',\r\n 'PORT': '3306',\r\n }\r\n }\r\n}\r\n```\r\n\r\nYou could also use optional flags when running the above command. For example;\r\n\r\n```bash\r\npython manage.py use_djsm --as \"secrets_manager\"\r\n```\r\n\r\nLets you define the name of the djsm in settings.py. Also, you could the `--quiet` flag to prevent the manager created from printing setup/process logs to the console.\r\n\r\n```bash\r\npython manage.py use_djsm --as \"secrets_manager\" --quiet\r\n```\r\n\r\n### Other CLI/Management commands\r\n\r\nApart from the `use_djsm` command, there are two other useful commands that can be run in your project.\r\n\r\n* Add to or update existing secrets\r\n\r\n```bash\r\npython manage.py update_secrets \"<secret_name>\" \"<secret_value>\"\r\n```\r\n\r\nFor example:\r\n\r\n```bash\r\npython manage.py update_secrets 'api_key' '32456789456sdtfg'\r\n```\r\n\r\nHowever, you should note that the value passed must be a JSON formatted string. See an example of saving a mapping of my django project's contact detail below.\r\n\r\n```bash\r\npython manage.py update_secrets 'project_emails' '{\\\"project_email\\\": \\\"support@myproject.com\\\", \\\"admin_email\\\": \\\"admin@myproject.com\\\"}'\r\n```\r\n\r\n* Change the encryption key used by the secrets manager.\r\n\r\n```bash\r\npython manage.py change_cryptkeys\r\n```\r\n\r\n* Clean up secrets and environment variables set by the secrets manager.\r\n\r\n```bash\r\npython manage.py djsm_cleanup\r\n```\r\n\r\n* Reload environment variables from .env file\r\n\r\n```bash\r\npython manage.py djsm_reload_env\r\n```\r\n\r\n### Manually creating and using a secrets manager\r\n\r\n```python\r\nimport djsm\r\n\r\nsecrets_manager = djsm.get_djsm(quiet=False)\r\n```\r\n\r\n`get_djsm` returns a DJSM object instantiated using values defined in .env file after performing necessary checks.\r\n\r\nYou can set `quiet=True` if you do not want to see messages on the terminal. Although, important messages are always displayed.\r\n\r\nTo generate a new secret key or use and existing one. In settings.py:\r\n\r\n```python\r\nSECRET_KEY = secrets_manager.get_or_create_secret_key()\r\n```\r\n\r\nTo update or add a new secret:\r\n\r\n```python\r\nnew_secret = {\"DB_PASSWORD\": \"db_password\"}\r\nsecrets_manager.update_secrets(new_secret)\r\n```\r\n\r\nOnce the update has been performed you can delete these lines.\r\n\r\nTo get a secret:\r\n\r\n```python\r\n# Get a secret, say DB_PASSWORD\r\ndb_password = secrets_manager.get_secret(\"DB_PASSWORD\")\r\n```\r\n\r\nYou can also create a djsm object independent of the configuration in the .env file. Read the next section for more info.\r\n\r\n### `DjangoJSONSecretManager`\r\n\r\nThis class is the main class of the module. It provides the following methods:\r\n\r\n* `get_secret(secret_name)` -> Returns the secret with the name `secret_name` if it exists, otherwise returns `None`\r\n\r\n* `update_secrets(new_secrets)` -> Updates the secrets file with the new secrets provided in the `new_secrets` dictionary.\r\n\r\n* `get_or_create_secret_key()` -> Returns the Django secret key if it exists, otherwise generates a new one and returns it.\r\n\r\n* `change_cryptkeys()` -> Replaces the encryption keys used to encrypt and decrypt secrets with a new one.\r\n\r\n* `clean_up()` -> Deletes the secrets file and clears all environment variables set by the module.\r\n\r\n* `reload_env()` -> Reloads the environment variables from the .env file.\r\n\r\n* `clean_up_and_reload()` -> Calls the `clean_up()` and `reload_env()` methods.\r\n\r\n```python\r\nfrom djsm import DJSM # DJSM is an alias for DjangoJSONSecretManager\r\n\r\n# Create a DJSM object\r\nsecrets_manager = DJSM('./.enc/secrets.json')\r\n```\r\n\r\n**DO NOT DELETE `cryptkeys.json` or any of the encryption keys. IF YOU DO, ALL ENCRYPTED SECRET WILL BE LOST**\r\n\r\n> NOTE: DJSM just provides an added layer of security in managing secrets in your application. It is not proven to be completely attack proof.\r\n\r\nContributions are welcome. Please fork the repository and submit a pull request.\r\n",
"bugtrack_url": null,
"license": null,
"summary": "Django package that allows you to store secrets encrypted in JSON and access them easily in your Django project.",
"version": "0.1.51",
"project_urls": {
"Bug Tracker": "https://github.com/ti-oluwa/djsm/issues",
"Homepage": "https://github.com/ti-oluwa/djsm",
"Repository": "https://github.com/ti-oluwa/djsm"
},
"split_keywords": [
"django",
" django secrets encryption"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "14b2ec9c386176c7147437d72aa1d37b72b67f67c8a28ca0e6a2c4e0deafa6a7",
"md5": "b33e6f2920422c0d8db7a86f662dbe25",
"sha256": "83f1569f7cd8604ea58a3487d4f641513cffe67541c46ce688187fc883235690"
},
"downloads": -1,
"filename": "djsm-0.1.51-py3-none-any.whl",
"has_sig": false,
"md5_digest": "b33e6f2920422c0d8db7a86f662dbe25",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 15093,
"upload_time": "2024-04-01T19:34:05",
"upload_time_iso_8601": "2024-04-01T19:34:05.929096Z",
"url": "https://files.pythonhosted.org/packages/14/b2/ec9c386176c7147437d72aa1d37b72b67f67c8a28ca0e6a2c4e0deafa6a7/djsm-0.1.51-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "a0473f731e00b0df315ac1a5aa661b39305be03ee485d2089581f5e36acffba3",
"md5": "ed87333dc340b2156361f99b09fad1a7",
"sha256": "bd19ddef925d9108ee5dde2a0e1b5ced66b4367af0311456f76a8fd7250e1fd5"
},
"downloads": -1,
"filename": "djsm-0.1.51.tar.gz",
"has_sig": false,
"md5_digest": "ed87333dc340b2156361f99b09fad1a7",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 14513,
"upload_time": "2024-04-01T19:34:23",
"upload_time_iso_8601": "2024-04-01T19:34:23.649402Z",
"url": "https://files.pythonhosted.org/packages/a0/47/3f731e00b0df315ac1a5aa661b39305be03ee485d2089581f5e36acffba3/djsm-0.1.51.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-01 19:34:23",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "ti-oluwa",
"github_project": "djsm",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"requirements": [],
"lcname": "djsm"
}
