Port of Fernet-rb from ruby.
Fernet allows you to easily generate and verify HMAC based authentication tokens for issuing API requests between remote servers. It also encrypts the message so it can be used to transmit secure data over the wire.
This library requires either the M2Crypto library or the Pycrypto lib. By default Pycrypto is configured as a dependency since M2Crypto requires the presence of SWIG for compilation. If M2Crypto (>=0.21.1) is installed it will be used, otherwise Pycrypto (>=2.6.1) will be used.
pip install fernet
If you want to use M2Crypto you can try this buildpack which supports building the M2Cryto package: https://github.com/guybowden/heroku-buildpack-python-paybox
Both client and server must share a secret.
You want to encode some data in the token as well, for example, an email address can be used to verify it on the other end.
import fernet
token = fernet.generate(secret, 'scottp@heroku.com')On the server side, the receiver can use this token to verify whether it's legit:
verifer = fernet.verifier(secret, token)
if verifier.valid():
operate_on(verifier.message) # the original, decrypted messageIt's possible to configure fernet via the Configuration class. To do so, put
this in an initializer:
# default values shown here
import fernet.Configuration
fernet.Configuration.enforce_ttl = true
fernet.Configuration.ttl = 60Run tests.sh to run the unit tests. Note that one test checking for bad padding in a token will
fail when running with Pycrypto.