-
-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Databased-backed component args
/kwargs
#119
Comments
Before going with the database-backed approach, I have one more idea. What if users configured a secret in their settings for Django IDOM that we used to symmetrically encrypt the pickled parameters before including them in the rendered templates. This both protects sensitive information and prevents injection attacks without requiring anything to be stored in the database. |
We should develop that as an optional feature in an follow-up PR. To do that properly would require additional dependencies. |
My impression is that it might take more time to figure out how to properly expire these database entries vs adding a setting for a secret and using it to encrypting the parameters using the |
There is added complexity to cryptography though, mostly related to key rotation (handling/upgrading old keys to new keys without breaking). Additionally, a common issue with django DB encryption libraries is determining a way to do it without breaking |
It looks like there's an option for key rotation: https://cryptography.io/en/latest/fernet/#cryptography.fernet.MultiFernet With that said, I'm realizing that implementing an encryption-based solution in a way that's convenient for the user will involve saving these keys in the database and providing utilities to rotate them. This would allow us to make proper key-management and generation our responsibility rather than the user's and doing that would require some care. Given this, I'm open to going with whatever approach you think will be easiest to complete the fastest. |
There's a lot to discuss about approach/compatibility/algorithms/etc. And it will require a non-trivial amount of code to accomplish within Django. IMO encryption support deserves it's own issue/PR. |
It seems like to complete this then, you'll go with approaches 1 & 3 for expiration? |
Yeah. Although option 2 is technologically ideal, it does not seem convenient for end-users. |
Current Situation
Currently, args/kwargs are serialized and stored in client-sided HTML. However, this is susceptible to spoofing, and makes it impossible to pass in non-serializable values such as Python objects.
Proposed Actions
During a HTTP request...
dill.dumps
.uuid
.During a WS component load...
uuid
and/orsession
identifier.dill.loads
Now this brings up a question about data retention. Ensuring automatic deletion of data is going to be fairly important, and this is a common issue with things such as Django's database-backed sessions model.
Given that, we will need to store a
expiration_date
value within theComponentParams
database model. In that scenario, we have three options we can pick-and-match from.Automatic deletion of expired sessions on...
python manage.py runworker
command alongside their webserver, which doesn't feel clean/simplistic.last-run
timestamps within cache, and only re-running if we hit some configured time threshold.The text was updated successfully, but these errors were encountered: