🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

django-mirage-field

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

django-mirage-field

A Django model fields collection that encrypt your data when save to and decrypt when get from database. It keeps data always encrypted in database.

1.4.0
PyPI
Maintainers
1

django-mirage-field

Hits

Introduce

A Django model fields collection that encrypt your data when save to and decrypt when get from database. It keeps data always encrypted in database. Base on AES, it supports query method like get() and filter() in Django.

Mirage can also migrate data from origin column to encrypted column in database with a good performance.

Features

  • Use settings.SECRET_KEY as secret key default or anyelse which length >= 32
  • Support CharField, TextField, IntegerField, EmailField
  • Support Django ORM's get(), filter() query method
  • Support AES-256-ECB and AES-256-CBC(v1.2.0)
  • Support PostgreSQL and MySQL database
  • Support Django model field db_index and unique attributes

Installation

pip install django-mirage-field

Usage

from mirage import fields
class TestModel(models.Model):
    age = fields.EncryptedIntegerField()

obj = TestModel.objects.get(age=18)
obj.id          # 1
obj.age         # 18
type(obj.age)   # int

database=# select * from testmodel where id = 1;
         id          |           age
---------------------+--------------------------
 1 | -bYijegsEDrmS1s7ilnspA==

from mirage.crypto import Crypto
c = Crypto()                      # key is optional, default will use settings.SECRET_KEY
c.encrypt('some_address')               # -bYijegsEDrmS1s7ilnspA==
c.decrypt('-bYijegsEDrmS1s7ilnspA==')   # some_address

Settings

  • MIRAGE_SECRET_KEY
  • MIRAGE_CIPHER_MODE (v1.2.0+)
  • MIRAGE_CIPHER_IV (v1.2.0+)

MIRAGE_SECRET_KEY

You can use the settings.SECRET_KEY as default key, if you want custom another key for mirage, set the MIRAGE_SECRET_KEY in settings.

Mirage will get the settings.MIRAGE_SECRET_KEY first, if not set, mirage will get the settings.SECRET_KEY.

MIRAGE_CIPHER_MODE

MIRAGE_CIPHER_MODE is optional, choices are below, If don't set, default is ECB.

  • ECB
  • CBC

MIRAGE_CIPHER_IV

MIRAGE_CIPHER_IV is optional, if you don't set, it will use a default: "1234567890abcdef", it's length must be 16.

Model Fields

  • EncryptedTextField
  • EncryptedCharField
  • EncryptedEmailField
  • EncryptedIntegerField
  • EncryptedURLField(v1.3.0+)

Data Migrate

AddmiragetoINSTALLED_APPS

Way 1. Migrations

add app_name,model_name,field_name in migrations.RunPython

from mirage.tools import Migrator

migrations.RunPython(Migrator("app_name", "model_name", "field_name").encrypt, reverse_code=Migrator("app_name", 'model_name', 'field_name').decrypt),

Way 2. Commands

Options:

  • --app
  • --model
  • --field
  • --method (optional: encrypt, decrypt, encrypt_to, decrypt_to, copy_to)
  • --tofield (need when use encryt_to, decrypt_to, copy_to method)

Optional options:

  • --offset ("select * from xxx where id > offset")
  • --total ("select * from xxx order by id limit total")
  • --limit: set the query count in every update, default is 1000, if you set -1, mirage will query all rows one time to update.

Examples

./manage.py mirage --app=yourapp --model=testmodel --field=address --method=encrypt --offset=2000000 --total=3000000

./manage.py mirage --app=yourapp --model=testmodel --field=address --method=encrypt_to --tofield=encrypted_address

Exceptions

from mirage import exceptions
  • EncryptedFieldException

Performance

With ECB mode

Migrate data: 6000,000 columns takes 40 minutes, Average 1 column/2.5ms

Only encrypt/decrypt: Average 1 value/ms

Clients

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials

Research

PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials

A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.

By Kush Pandya  -  Jun 06, 2025
Socket Now Supports pylock.toml Files

Product

Socket Now Supports pylock.toml Files

Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.

By Trevor Norris  -  Jun 05, 2025