Crie seus tokens de autenticação com o AScrypt.

Related tags

Authenticationascrypt-token
Overview

AScrypt tokens

O AScrypt é uma forma de gerar tokens de autenticação para sua aplicação de forma rápida e segura. Todos os tokens que foram, mesmo que minimamente alterados, são inválidados imediatamente.

Índice

Exemplos

Um token gerado utilizando o AScrypt tem a seguinte estrutura:

© AScrypt

66d03bda7ac0465c1291ce91e1f7e5f9.eyJuYW1lIjogIkphZWRzb24iLCAiQGVtaXRlZF9pbl9hc2NyeXB0IjogIjIwMjEtMTEtMjYgMjA6Mzg6MzguNDc0MTYyIn0=

O token é longo, mas vamos dividir ele através do ponto localizado no token. A primeira parte é um hash md5 do conteúdo + a chave usada para a gerar o token. Veja o exemplo abaixo:

© AScrypt

# transformando o dicionário em string
content_user = json.dumps({'name': 'Jaedson'})
secret_key = 'ogIkphZWRzb24iLCAiQGVta'

token_part1 = str(content_user + secret_key).encode()

hash_md5 = haslib.md5(token_part1).hexdigest()
# > 66d03bda7ac0465c1291ce91e1f7e5f9

Com isso, na hora de validar o token, nós geramos um hash do content e da chave secreta e comparamos o hash que veio no token e o hash que foi gerado na hora da validação.

Agora vamos para a segunda parte do token, que é nada mais que o conteúdo dele codificado em base64. Um token AScrypt impede que o conteúdo seja alterado, garantindo a integridade da informação, porém, qualquer pessoa pode ver o conteúdo dele, mas não alterá-lo.

Tentando invalidar

É praticamente impossível alterar esses tokens, mesmo que você altere o conteúdo do token e gere um novo hash, na hora de realizar a validação, o conteúdo será somado com a chave secreta, que resulta em um hash totalmente diferente do que o usuário mal intencionado gerou.

Chaves secretas

A classe AScrypt() possui um método que não precisa ser instanciado para uso, o generate_token() permite que token aleatórios sejam gerados para uso na codificação ou decodificação de tokens. Você pode especificar o tamanho da chave, sendo o padrão 32. Quanto maior a chave, mais seguro o token é.

Licença

O AScrypt está licenciado por MIT.

You might also like...
Python module for generating and verifying JSON Web Tokens

python-jwt Module for generating and verifying JSON Web Tokens. Note: From version 2.0.1 the namespace has changed from jwt to python_jwt, in order to

David Halls 210 Dec 24, 2022
So-ViT: Mind Visual Tokens for Vision Transformer
So-ViT: Mind Visual Tokens for Vision Transformer

So-ViT: Mind Visual Tokens for Vision Transformer        Introduction This repository contains the source code under PyTorch framework and models trai

Jiangtao Xie 44 Nov 24, 2022
Unofficial implementation of Google's FNet: Mixing Tokens with Fourier Transforms
Unofficial implementation of Google's FNet: Mixing Tokens with Fourier Transforms

FNet: Mixing Tokens with Fourier Transforms Pytorch implementation of Fnet : Mixing Tokens with Fourier Transforms. Citation: @misc{leethorp2021fnet,

Rishikesh (ऋषिकेश) 218 Jan 5, 2023
MSG-Transformer: Exchanging Local Spatial Information by Manipulating Messenger Tokens
MSG-Transformer: Exchanging Local Spatial Information by Manipulating Messenger Tokens

MSG-Transformer Official implementation of the paper MSG-Transformer: Exchanging Local Spatial Information by Manipulating Messenger Tokens, by Jiemin

Hust Visual Learning Team 68 Nov 16, 2022
Parse discord tokens from any file, even if there is other shit in the file with them.
Parse discord tokens from any file, even if there is other shit in the file with them.

Discord-Token-Parser Parse discord tokens from any file, even if there is other shit in the file with them. Any. File. I glued together all html from

null 4 May 7, 2022
A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided

A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided. If you’ve found this bot useful and have profited from it please consider donating any token to my BSC wallet address: 0xE75470B9a7c93038195ca116E342c42F6B3F758b

null 473 Dec 25, 2022
PySETO is a PASETO (Platform-Agnostic SEcurity TOkens) implementation written in Python

A Python implementation of PASETO.

Ajitomi, Daisuke 33 Dec 17, 2022
Simple yet efficient tool used to check and sort tokens in terms of there validation.
Simple yet efficient tool used to check and sort tokens in terms of there validation.

Discord Token Checker Simple yet efficient tool used to check and sort tokens in terms of there validation.When the program is done,go to the "output"

Robotnik 15 Dec 27, 2022
A Python tool to generate and refresh Amazon access tokens.

amazon_auth A Python tool to generate and refresh Amazon access tokens. Description This tool generates and outputs Amazon access and refresh tokens f

null 15 Nov 21, 2022
Que es S4K Builder?, Fácil un constructor de tokens grabbers con muchas opciones, como BTC Miner, Clipper, shutdown PC, Y más! Disfrute el proyecto. 3

S4K Builder Este script Python 3 de código abierto es un constructor del muy popular registrador de tokens que está en [mi GitHub] (https://github.com

SadicX 1 Oct 22, 2021
A little side-project API for me to learn about Blockchain and Tokens

BlockChain API I built this little side project to learn more about Blockchain and Tokens. It might be maintained and implemented to other projects bu

Loïk Mallat 1 Nov 16, 2021
Discord Token Generator - Python (Generates Tokens and Joins your Server Automatically) hCaptcha Bypass **FREE**

Best Discord Token Generator {hCaptcha bypass FREE Unlimited Memberboost} Install few requirements & run main.py it will redirect you to the Download

null 1 Oct 27, 2021
🦅 Pretrained BigBird Model for Korean (up to 4096 tokens)
🦅 Pretrained BigBird Model for Korean (up to 4096 tokens)

Pretrained BigBird Model for Korean What is BigBird • How to Use • Pretraining • Evaluation Result • Docs • Citation 한국어 | English What is BigBird? Bi

Jangwon Park 183 Dec 14, 2022
Discord Token Generator based on HTTPX, makes unverified tokens and automatically joins your server! this is used for memberboosting
Discord Token Generator based on HTTPX, makes unverified tokens and automatically joins your server! this is used for memberboosting

Discord Token Generator | 2021 Features: (1) hCaptcha Bypasser, latest hfuck.py Updated by me (2) Free Proxy Support/Scrapper (3) Custom Realistic Dat

null 2 Nov 30, 2021
Defi PancakeSwap bot is programmed in Python to buy and sell tokens in seconds once the target is hit.
Defi PancakeSwap bot is programmed in Python to buy and sell tokens in seconds once the target is hit.

Defi PancakeSwap BOT A BOT that will make easy your life in Trading. Watch tutorial on Youtube Table of Contents About The Project Built With Getting

Zain Ullah 208 Jan 5, 2023
Discord Mass Report script that uses multiple tokens

Discord-Mass-Report Discord Mass Report script that uses multiple tokens, full credits to https://github.com/hoki0/Discord-mass-report who made it in

cChimney 4 Jun 8, 2022
The best way to send tokens into a specific server, which can be used for discord bots, and some tools..

XTRA420 The simplified version of sending tokens into a server, the basic and fastest way.. When using this, you have the option to use proxies (http)

07v 1 Nov 30, 2021
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

null 1 Dec 31, 2021
Local server that gives you your OAuth 2.0 tokens needed to interact with the Conta Azul's API

What's this? This is a django project meant to be run locally that gives you your OAuth 2.0 tokens needed to interact with Conta Azul's API Prerequisi

Fábio David Freitas 3 Apr 13, 2022
Releases(v1.0.0)

  • v1.0.0(Nov 27, 2021)

    AScrypt v1.0.0

    Crie seus tokens de forma rápida e segura, tendo a certeza de que nenhum deles foi alterado!

    Suporte

    • [x] Gerar tokens com conteúdo em JSON
    • [x] Gerar chaves secretas seguras

    Proximas versões

    • [ ] Tempo de expiração para o token
    • [ ] Chaves públicas e privadas para tokens
    • [ ] Melhorias na segurança
    • [ ] Uso de outros tipos de hash para novos tokens

    © AScrypt Make the internet a secure local.

    Source code(tar.gz)
    Source code(zip)
Owner
Jaedson Silva
Software Developer with focus in Security of Information. #python #flask #software #security
Jaedson Silva
GitHub Repository
Python library for generating a Mastercard API compliant OAuth signature.

oauth1-signer-python Table of Contents Overview Compatibility References Usage Prerequisites Adding the Library to Your Project Importing the Code Loa

23 Aug 01, 2022
OpenConnect auth creditials collector.

OCSERV AUTH CREDS COLLECTOR V1.0 Зачем Изначально было написано чтобы мониторить какие данные вводятся в интерфейс ханипота в виде OpenConnect server.

0 Sep 23, 2022
Get inside your stronghold and make all your Django views default login_required

Stronghold Get inside your stronghold and make all your Django views default login_required Stronghold is a very small and easy to use django app that

Mike Grouchy 384 Nov 23, 2022
Minimal authorization through OO design and pure Ruby classes

Pundit Pundit provides a set of helpers which guide you in leveraging regular Ruby classes and object oriented design patterns to build a simple, robu

Varvet 7.8k Jan 02, 2023
API-key based security utilities for FastAPI, focused on simplicity of use

FastAPI simple security API key based security package for FastAPI, focused on simplicity of use: Full functionality out of the box, no configuration

Tolki 154 Jan 03, 2023
The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.

Authlib The ultimate Python library in building OAuth and OpenID Connect servers. JWS, JWK, JWA, JWT are included. Authlib is compatible with Python2.

Hsiaoming Yang 3.4k Jan 04, 2023
A Python library to create and validate authentication tokens

handshake A Python library to create and validate authentication tokens. handshake is used to generate and validate arbitrary authentication tokens th

0 Apr 26, 2022
Brute force a JWT token. Script uses multithreading.

JWT BF Brute force a JWT token. Script uses multithreading. Tested on Kali Linux v2021.4 (64-bit). Made for educational purposes. I hope it will help!

Ivan Šincek 5 Dec 02, 2022
This python package provides a simple password reset strategy for django rest framework

Django Rest Password Reset This python package provides a simple password reset strategy for django rest framework, where users can request password r

Anexia 363 Dec 24, 2022
A JSON Web Token authentication plugin for the Django REST Framework.

Simple JWT Abstract Simple JWT is a JSON Web Token authentication plugin for the Django REST Framework. For full documentation, visit django-rest-fram

Jazzband 3.2k Dec 28, 2022
An open source Flask extension that provides JWT support (with batteries included)!

Flask-JWT-Extended Features Flask-JWT-Extended not only adds support for using JSON Web Tokens (JWT) to Flask for protecting views, but also many help

Landon Gilbert-Bland 1.4k Jan 04, 2023
Local server that gives you your OAuth 2.0 tokens needed to interact with the Conta Azul's API

What's this? This is a django project meant to be run locally that gives you your OAuth 2.0 tokens needed to interact with Conta Azul's API Prerequisi

Fábio David Freitas 3 Apr 13, 2022
A module making it easier to manage Discord oAuth with Quart

quart_discord A module making it easier to manage Discord oAuth with Quart Install pip install git+https://github.com/xelA/ 5 Oct 27, 2022

MikroTik Authentication POCs

Proofs of concept which successfully authenticate with MikroTik Winbox and MAC Telnet servers running on RouterOS version 6.45.1+

Margin Research 56 Dec 08, 2022
Basic auth for Django.

easy-basicauth WARNING! THIS LIBRARY IS IN PROGRESS! ANYTHING CAN CHANGE AT ANY MOMENT WITHOUT ANY NOTICE! Installation pip install easy-basicauth Usa

bichanna 2 Mar 25, 2022
Strong, Simple, and Precise security for Flask APIs (using jwt)

flask-praetorian Strong, Simple, and Precise security for Flask APIs API security should be strong, simple, and precise like a Roman Legionary. This p

Tucker Beck 321 Dec 18, 2022
User-related REST API based on the awesome Django REST Framework

Django REST Registration User registration REST API, based on Django REST Framework. Documentation Full documentation for the project is available at

Andrzej Pragacz 399 Jan 03, 2023
Web authentication testing framework

What is this This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticate

OWASP 88 Jan 01, 2023
An introduction of Markov decision process (MDP) and two algorithms that solve MDPs (value iteration, policy iteration) along with their Python implementations.

Markov Decision Process A Markov decision process (MDP), by definition, is a sequential decision problem for a fully observable, stochastic environmen

Yu Shen 31 Dec 30, 2022
Social auth made simple

Python Social Auth Python Social Auth is an easy-to-setup social authentication/registration mechanism with support for several frameworks and auth pr

Matías Aguirre 2.8k Dec 24, 2022