Whats the simplest and safest method to generate a API KEY and SECRET in Python

python django tastypie
Dhanushka Amarakoon picture Dhanushka Amarakoon · Jan 20, 2016 · Viewed 25.8k times · Source

I need to generate a API key and Secret that would be stored in a Redis server. What would be the best way to generate a key and secret?

I am develop a Django-tastypie framework based app.

Answer

Moby Duck picture Moby Duck · Jan 24, 2018

If you're on Python 3.6 or later, the secrets module is the way to go:

The secrets module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.

In particular, secrets should be used in preference to the default pseudo-random number generator in the random module, which is designed for modelling and simulation, not security or cryptography.

e.g. to generate a 16 byte token:

>>> import secrets
>>> secrets.token_urlsafe(16)
'zs9XYCbTPKvux46UJckflw'
>>> secrets.token_hex(16)
'6bef18936ac12a9096e9fe7a8fe1f777'

Related questions

How to change status of JsonResponse in Django

My API is returning a JSON object on error but the status code is HTTP 200: response = JsonResponse({'status': 'false', 'message': message}) return response How can I change the response code to indicate an error?

Read More
Django Tastypie Advanced Filtering: How to do complex lookups with Q objects

I have a basic Django model like: class Business(models.Model): name = models.CharField(max_length=200, unique=True) email = models.EmailField() phone = models.CharField(max_length=40, blank=True, null=True) description = models.TextField(max_length=500) I need to execute a …

Read More
Django Tastypie: How to Authenticate with API Key

I'm making an internal API with TastyPie. I have from tastypie.authentication import ApiKeyAuthentication class MyResource(ModelResource): Meta: authentication = ApiKeyAuthentication() With Auth rules disabled, my API works great. With it on, I get a 401 (UNAUTHORIZED) response no matter what I …

Read More