我将在Django 3.2上使用Postgres 14作为数据库构建网站。
我将使用用户的CloudFlare API键代表用户调用CloudFlare API。
鉴于API密钥很敏感,我想将用户类型放在WebForm中并加密它,然后再将其发送回我的后端以解密。
我读过有关libodium的读物(请参阅我如何加密数据?我使用了缓存,因为由于某种原因,网站暂时下降了)
,我知道github本身 github的秘密所以我想对Github来说足够好对我来说足够好。
但是,我对工作流程感到困惑。
因为即使对于crypto_secretbox_easy,仍然需要密钥。如何在前端表单(在HTML和JavaScript中)和后端服务器(Python)之间共享密钥?
我很可能将libsodium.js用于JavaScript,而Pynacl则用于Python。
我的相关问题在scneario方面是:
-
假设表单中CloudFlare API密钥中的用户键,因此当他们提交表单时,有效载荷中提交的内容将是API键的加密版本,后端仅采用那并将其存储在特定于该用户的数据库中。这是正确的吗?
-
假设当时间到来时,用户会启动一个命令,我需要代表他们在Cloudflare中执行操作。因此,我的Python代码将从数据库中获取加密的API键,并解密它,然后使用该API键调用CloudFlare API。这是正确的吗?
-
假设用户在方案1中以表单中提交CloudFlare API密钥并随后重新访问相同的形式后,我是否解密API键并将其显示给用户的形式为输入文本元素的值?或者更安全,我仅显示原始API键的明文的最后4个字符,其余的则为星号。
如果用户仍然想更改API密钥,则可以。该过程将按照方案1。这是对的吗?
在所有3种情况下,我不确定如何以及在何处生成和存储NONCE和相关密钥。
我还不确定是使用公共钥匙还是秘密密钥加密。
谢谢
I'm building a website on Django 3.2 using postgres 14 as database.
I will call cloudflare API on behalf of the user using the user's CloudFlare API key.
Given that the API key is sensitive, I wanted to have the user type in a webform and encrypt it before sending it back to my backend to be decrypted.
I read about libsodium (See how do I encrypt data? I used cached because for some reason the website is temporarily down)
And I understand that github themselves use it for github secrets so I guess what's good enough for github is good enough for me.
However, I am confused about the workflow.
Because even for crypto_secretbox_easy there's still a need for key. How do I share the key between the frontend form (in HTML and javascript) and the backend server (python)?
I am likely to use libsodium.js for the javascript and pynacl for python.
My related questions scneario-wise are:
-
suppose the user key in the cloudflare API key in the form, so when they submit the form, what's submitted in the payload will be the encrypted version of the API key, the backend simply takes that and stores it in the database specific to that user. Is this correct?
-
suppose when the time comes, the user initiates a command where i need to perform an action in cloudflare on their behalf. So my python code will fetch the encrypted API key from the database and decrypt it and then calls CloudFlare API using that API key. Is this correct?
-
Suppose after the user submitted the cloudflare API key in the form in scenario 1, and subsequently revisits the same form, do I decrypt the API key and show it to the user in the form as value to the input text element? Or it's safer I show only the last 4 characters of the plaintext of the original API key and the rest as asterisk.
If the user still wants to change the API key, they can. And the process will be as per scenario 1. Is this right?
In all 3 scenarios, I am unsure how and where to generate and store the nonce and related keys.
I am also unsure whether to use public keys or secret key encryption.
Thank you
发布评论