This led me to write code to generate a "web-key," the shared secret needed to implement the access control method discussed.
In his paper, Tyler Close recommends 70 bits for the shared secret, encoded as a 13-character Base32 string. I used 72 bits, so the secret is a 12-character, URL-safe Base64 string without padding characters.
I'm new to Python and Django, so I welcome refinements!
1 2 3 4 5 6 7 8 9
class Foo(models.Model): secret = models.CharField(max_length=12, blank=True, editable=False) def generateSecret(self): s = struct.pack('L', random.getrandbits(32)) s += struct.pack('L', random.getrandbits(32)) s += struct.pack('L', random.getrandbits(8)) self.secret = base64.urlsafe_b64encode(s[0:9]) self.save()
More like this
- Serializer factory with Django Rest Framework by julio 5 months, 3 weeks ago
- Image compression before saving the new model / work with JPG, PNG by Schleidens 6 months, 1 week ago
- Help text hyperlinks by sa2812 7 months, 1 week ago
- Stuff by NixonDash 9 months, 2 weeks ago
- Add custom fields to the built-in Group model by jmoppel 11 months, 2 weeks ago