django-fernet-encrypted-fields
Advanced tools
This package was created as a successor to django-encrypted-fields.
$ pip install django-fernet-encrypted-fields
In your settings.py, set random SALT_KEY
SALT_KEY = '0123456789abcdefghijklmnopqrstuvwxyz'
Then, in models.py
from encrypted_fields.fields import EncryptedTextField
class MyModel(models.Model):
text_field = EncryptedTextField()
Use your model as normal and your data will be encrypted in the database.
You can rotate salt keys by turning the SALT_KEY settings.py entry into a list. The first key will be used to encrypt all new data, and decryption of existing values will be attempted with all given keys in order. This is useful for key rotation: place a new key at the head of the list for use with all new or changed data, but existing values encrypted with old keys will still be accessible
SALT_KEY = [
'zyxwvutsrqponmlkjihgfedcba9876543210',
'0123456789abcdefghijklmnopqrstuvwxyz'
]
When you would want to rotate your SECRET_KEY, set the new value and put your old secret key value to SECRET_KEY_FALLBACKS list. That way the existing encrypted fields will still work, but when you re-save the field or create new record, it will be encrypted with the new secret key. (supported in Django >=4.1)
SECRET_KEY = "new-key"
SECRET_KEY_FALLBACKS = ["old-key"]
If you wish to update the existing encrypted records simply load and re-save the models to use the new key.
for obj in MyModel.objects.all():
obj.save()
Currently build in and unit-tested fields. They have the same APIs as their non-encrypted counterparts.
EncryptedCharFieldEncryptedTextFieldEncryptedDateTimeFieldEncryptedIntegerFieldEncryptedFloatFieldEncryptedEmailFieldEncryptedBooleanFieldEncryptedJSONField| Compatible Django Version | Specifically tested |
|---|---|
3.2 | :heavy_check_mark: |
4.0 | :heavy_check_mark: |
4.1 | :heavy_check_mark: |
4.2 | :heavy_check_mark: |
5.0 | :heavy_check_mark: |
5.1 | :heavy_check_mark: |
FAQs
This is inspired by django-encrypted-fields.
We found that django-fernet-encrypted-fields demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.