<p align="center">
<img src="docs/images/logo.png" alt="logo" width="400" />
</p>
# TokenVault
TokenVault is a lightweight package to manage users and validate them using tokens in your application in a single
encrypted file and asymmetric token encryption.
It was designed to manage users within a file in a repository such that if the file is compromised, the tokens and
metadata are still safe.
## Installation
```bash
pip install tokenvault
```
## Quickstart
```python
from tokenvault import TokenVault
vault = TokenVault()
# you give this token to the user for authentication
token = vault.add("alon@gmail.com", metadata={"name": "Alon Sababa",
"Country": "Israel"})
vault.validate(token)
{'name': 'Alon Sababa', 'Country': 'Israel'}
assert vault.validate('not a token in the vault') is None
vault.save("vault.db")
TokenVault("vault.db").validate(token)
{'name': 'Alon Sababa', 'Country': 'Israel'}
```
## Encrypt the vault
For added security, by adding a password to the vault, the file itself get encrypted and therefore the list of keys
too.
You can provide the password manually or it is automatically picked-up from the environment
variable `TOKENVAULT_PASSWORD` if it exists.
* You can share the environment variable with your team members and server secrets so that they decrypt the file
automatically.
```python
import os
from tokenvault import TokenVault
vault = TokenVault()
token = vault.add("alon@gmail.com", metadata={"name": "Alon Sababa", "Country": "Israel"})
password = vault.generate_key()
vault.save("vault.db", password=password)
TokenVault("vault.db", password=password).validate(token)
# using the environment variable
os.environ['TOKENVAULT_PASSWORD'] = password
TokenVault("vault.db").validate(token)
{'name': 'Alon Sababa', 'Country': 'Israel'}
```
## CLI
An easy way to manage users manually is to use the CLI.
* Default vault file is `vault.db` in the current directory.
* When a password or token is generated, it is copied to the clipboard. You can add a flag to print it to the screen
too.
```
tv --help
Options:
--version Show the version and exit.
--help Show this message and exit.
Commands:
add Add a new key to the vault and copy the token to the clipboard
encrypted Check if the vault is encrypted
init Initialize a vault file in 'path' argument.
list List existing keys in the vault
remove Add a new key to the vault and copy the token to the clipboard
validate Add a new key to the vault and copy the token to the clipboard
```
### Quickstart without password:
```bash
$ tv init vault.db --no-password
# this copy the token to the clipboard
$ tv add alon@gmail.com vault.db --metadata='{"some":"information"}'
$ tv list vault.db
alon
$ tv validate <token>
{'some': 'information'}
$ tv remove alon@gmail.com vault.db
```
### Quickstart with password:
```bash
$ tv init vault.db --echo-password # this copy the password to the clipboard
password: G99********
Vault created at vault.db and encrypted with password
$ export TOKENVAULT_PASSWORD=G99********
$ tv add alon@gmail.com vault.db # this copy the token to the clipboard
$ tv validate <token>
{} # no metadata provided
```
Raw data
{
"_id": null,
"home_page": "",
"name": "tokenvault",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "cryptography,vault,user management,cloudpickle,cli,jwt,token,encryption,asymmetric,encryption",
"author": "",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/8b/dc/497f2ae4c4f984b8ddbb100f3b60766ca01c1aa641463afea63054b09af1/tokenvault-0.0.1a1.tar.gz",
"platform": null,
"description": "<p align=\"center\">\n <img src=\"docs/images/logo.png\" alt=\"logo\" width=\"400\" />\n</p>\n\n# TokenVault\n\nTokenVault is a lightweight package to manage users and validate them using tokens in your application in a single\nencrypted file and asymmetric token encryption.\n\nIt was designed to manage users within a file in a repository such that if the file is compromised, the tokens and\nmetadata are still safe.\n\n## Installation\n\n```bash\npip install tokenvault\n```\n\n## Quickstart\n\n```python\nfrom tokenvault import TokenVault\n\nvault = TokenVault()\n# you give this token to the user for authentication\ntoken = vault.add(\"alon@gmail.com\", metadata={\"name\": \"Alon Sababa\", \n \"Country\": \"Israel\"})\nvault.validate(token)\n{'name': 'Alon Sababa', 'Country': 'Israel'}\n\nassert vault.validate('not a token in the vault') is None\n\nvault.save(\"vault.db\")\nTokenVault(\"vault.db\").validate(token)\n{'name': 'Alon Sababa', 'Country': 'Israel'}\n```\n\n## Encrypt the vault\n\nFor added security, by adding a password to the vault, the file itself get encrypted and therefore the list of keys\ntoo. \nYou can provide the password manually or it is automatically picked-up from the environment\nvariable `TOKENVAULT_PASSWORD` if it exists.\n\n* You can share the environment variable with your team members and server secrets so that they decrypt the file\n automatically.\n\n```python\nimport os\nfrom tokenvault import TokenVault\n\nvault = TokenVault()\ntoken = vault.add(\"alon@gmail.com\", metadata={\"name\": \"Alon Sababa\", \"Country\": \"Israel\"})\npassword = vault.generate_key()\nvault.save(\"vault.db\", password=password)\n\nTokenVault(\"vault.db\", password=password).validate(token)\n# using the environment variable\nos.environ['TOKENVAULT_PASSWORD'] = password\nTokenVault(\"vault.db\").validate(token)\n{'name': 'Alon Sababa', 'Country': 'Israel'}\n```\n\n## CLI\n\nAn easy way to manage users manually is to use the CLI.\n\n* Default vault file is `vault.db` in the current directory.\n* When a password or token is generated, it is copied to the clipboard. You can add a flag to print it to the screen\n too.\n\n```\ntv --help\n\nOptions:\n --version Show the version and exit.\n --help Show this message and exit.\n\nCommands:\n add Add a new key to the vault and copy the token to the clipboard\n encrypted Check if the vault is encrypted\n init Initialize a vault file in 'path' argument.\n list List existing keys in the vault\n remove Add a new key to the vault and copy the token to the clipboard\n validate Add a new key to the vault and copy the token to the clipboard\n\n```\n\n### Quickstart without password:\n\n```bash\n$ tv init vault.db --no-password \n# this copy the token to the clipboard\n$ tv add alon@gmail.com vault.db --metadata='{\"some\":\"information\"}' \n$ tv list vault.db\nalon\n$ tv validate <token>\n{'some': 'information'}\n$ tv remove alon@gmail.com vault.db\n```\n\n### Quickstart with password:\n\n```bash\n$ tv init vault.db --echo-password # this copy the password to the clipboard\npassword: G99********\nVault created at vault.db and encrypted with password\n\n$ export TOKENVAULT_PASSWORD=G99********\n$ tv add alon@gmail.com vault.db # this copy the token to the clipboard\n$ tv validate <token>\n{} # no metadata provided\n```\n",
"bugtrack_url": null,
"license": "",
"summary": "A lightweight package to manage tokens in your application in a single encrypted file and asymmetric token encryption.",
"version": "0.0.1a1",
"split_keywords": [
"cryptography",
"vault",
"user management",
"cloudpickle",
"cli",
"jwt",
"token",
"encryption",
"asymmetric",
"encryption"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "3ce1209a1b2a341cdf397640f9abcf2b11e42d523a1eed8bbbbd7d014efcb108",
"md5": "c4da5e8a0fc8a06ddae0f6d66f47801e",
"sha256": "1f0c97eb238954371d6fc140decfe364c64beb603f9435e294c14d46e50e8cba"
},
"downloads": -1,
"filename": "tokenvault-0.0.1a1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c4da5e8a0fc8a06ddae0f6d66f47801e",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 5862,
"upload_time": "2023-03-14T17:20:01",
"upload_time_iso_8601": "2023-03-14T17:20:01.943626Z",
"url": "https://files.pythonhosted.org/packages/3c/e1/209a1b2a341cdf397640f9abcf2b11e42d523a1eed8bbbbd7d014efcb108/tokenvault-0.0.1a1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "8bdc497f2ae4c4f984b8ddbb100f3b60766ca01c1aa641463afea63054b09af1",
"md5": "675ec3a8935810a13b9f7764fbcbebdd",
"sha256": "d7846cf54baf9a69f5a7483ca174674e90dd89b0f245cf9402f7fe406db64e7d"
},
"downloads": -1,
"filename": "tokenvault-0.0.1a1.tar.gz",
"has_sig": false,
"md5_digest": "675ec3a8935810a13b9f7764fbcbebdd",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 4859,
"upload_time": "2023-03-14T17:20:04",
"upload_time_iso_8601": "2023-03-14T17:20:04.583704Z",
"url": "https://files.pythonhosted.org/packages/8b/dc/497f2ae4c4f984b8ddbb100f3b60766ca01c1aa641463afea63054b09af1/tokenvault-0.0.1a1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-03-14 17:20:04",
"github": false,
"gitlab": false,
"bitbucket": false,
"lcname": "tokenvault"
}
JSON