[파이썬] Peewee Encryption 및 Field protection

06 Sep 2023

Peewee

Introduction

Data security is a critical aspect of modern applications. To protect sensitive data, encryption and field protection techniques are commonly used. In this blog post, we will explore how to implement encryption and field protection in Peewee, a simple and lightweight Python ORM.

Peewee Overview

Peewee is a popular ORM (Object-Relational Mapping) library for Python. It provides a convenient way to interact with databases, abstracting the complexities of SQL queries into Python code. Peewee supports various database backends, including SQLite, MySQL, and PostgreSQL.

Encryption with Peewee

To implement encryption in Peewee, we can leverage Python’s cryptography library. Let’s consider a scenario where we want to store an encrypted version of a user’s password in the database.

Installation

Ensure you have the cryptography library installed. You can install it using pip:

pip install cryptography

Implementation

First, let’s import the necessary modules:

from peewee import Model, CharField
from cryptography.fernet import Fernet

Next, we will define a key for encryption and decryption:

KEY = b'YourSecretKey'

Then, we can create a PasswordField class that inherits from Peewee’s CharField. This field will automatically encrypt and decrypt the password.

class PasswordField(CharField):
    def __init__(self, *args, **kwargs):
        kwargs['max_length'] = 255
        super().__init__(*args, **kwargs)

    def db_value(self, value):
        if value:
            cipher_suite = Fernet(KEY)
            cipher_text = cipher_suite.encrypt(value.encode('utf-8'))
            return cipher_text.decode('utf-8')

    def python_value(self, value):
        if value:
            cipher_suite = Fernet(KEY)
            plain_text = cipher_suite.decrypt(value.encode('utf-8'))
            return plain_text.decode('utf-8')

Now, we can use the PasswordField in our Peewee model:

from peewee import SqliteDatabase

db = SqliteDatabase('my_database.db')

class User(Model):
    username = CharField(unique=True)
    password = PasswordField()

    class Meta:
        database = db

This example demonstrates how we can encrypt and decrypt the password field using Peewee and the cryptography library.

Field Protection with Peewee

In addition to encryption, we can also enforce field protection in Peewee. Field protection ensures that certain fields cannot be directly accessed or modified outside of the model’s methods.

Let’s consider a case where we want to protect a user’s email field from being modified after it has been set.

Implementation

To implement field protection, we can use Peewee’s Field class and override the __set__ method.

from peewee import Field

class ImmutableField(Field):
    def __set__(self, instance, value):
        raise AttributeError("Field is immutable")

class User(Model):
    username = CharField(unique=True)
    email = ImmutableField()

    class Meta:
        database = db

With the above implementation, any attempt to directly set or modify the email field will raise an AttributeError.

Conclusion

In this blog post, we explored how to implement encryption and field protection in Peewee using Python’s cryptography library. Encryption ensures data confidentiality, while field protection prevents unauthorized modifications to specific fields. By combining these techniques, we can enhance the security and integrity of our data in Peewee-based applications.

Peewee’s flexibility and extensibility make it a great choice for implementing encryption and field protection. With a few lines of code, we can add an additional level of security to our data storage and give developers peace of mind.

If you have any questions or suggestions, please feel free to leave a comment below!