Crie seus tokens de autenticação com o AScrypt.

Related tags

Authenticationascrypt-token
Overview

AScrypt tokens

O AScrypt é uma forma de gerar tokens de autenticação para sua aplicação de forma rápida e segura. Todos os tokens que foram, mesmo que minimamente alterados, são inválidados imediatamente.

Índice

Exemplos

Um token gerado utilizando o AScrypt tem a seguinte estrutura:

© AScrypt

66d03bda7ac0465c1291ce91e1f7e5f9.eyJuYW1lIjogIkphZWRzb24iLCAiQGVtaXRlZF9pbl9hc2NyeXB0IjogIjIwMjEtMTEtMjYgMjA6Mzg6MzguNDc0MTYyIn0=

O token é longo, mas vamos dividir ele através do ponto localizado no token. A primeira parte é um hash md5 do conteúdo + a chave usada para a gerar o token. Veja o exemplo abaixo:

© AScrypt

# transformando o dicionário em string
content_user = json.dumps({'name': 'Jaedson'})
secret_key = 'ogIkphZWRzb24iLCAiQGVta'

token_part1 = str(content_user + secret_key).encode()

hash_md5 = haslib.md5(token_part1).hexdigest()
# > 66d03bda7ac0465c1291ce91e1f7e5f9

Com isso, na hora de validar o token, nós geramos um hash do content e da chave secreta e comparamos o hash que veio no token e o hash que foi gerado na hora da validação.

Agora vamos para a segunda parte do token, que é nada mais que o conteúdo dele codificado em base64. Um token AScrypt impede que o conteúdo seja alterado, garantindo a integridade da informação, porém, qualquer pessoa pode ver o conteúdo dele, mas não alterá-lo.

Tentando invalidar

É praticamente impossível alterar esses tokens, mesmo que você altere o conteúdo do token e gere um novo hash, na hora de realizar a validação, o conteúdo será somado com a chave secreta, que resulta em um hash totalmente diferente do que o usuário mal intencionado gerou.

Chaves secretas

A classe AScrypt() possui um método que não precisa ser instanciado para uso, o generate_token() permite que token aleatórios sejam gerados para uso na codificação ou decodificação de tokens. Você pode especificar o tamanho da chave, sendo o padrão 32. Quanto maior a chave, mais seguro o token é.

Licença

O AScrypt está licenciado por MIT.

You might also like...
Python module for generating and verifying JSON Web Tokens

python-jwt Module for generating and verifying JSON Web Tokens. Note: From version 2.0.1 the namespace has changed from jwt to python_jwt, in order to

David Halls 210 Dec 24, 2022
So-ViT: Mind Visual Tokens for Vision Transformer
So-ViT: Mind Visual Tokens for Vision Transformer

So-ViT: Mind Visual Tokens for Vision Transformer        Introduction This repository contains the source code under PyTorch framework and models trai

Jiangtao Xie 44 Nov 24, 2022
Unofficial implementation of Google's FNet: Mixing Tokens with Fourier Transforms
Unofficial implementation of Google's FNet: Mixing Tokens with Fourier Transforms

FNet: Mixing Tokens with Fourier Transforms Pytorch implementation of Fnet : Mixing Tokens with Fourier Transforms. Citation: @misc{leethorp2021fnet,

Rishikesh (ऋषिकेश) 218 Jan 5, 2023
MSG-Transformer: Exchanging Local Spatial Information by Manipulating Messenger Tokens
MSG-Transformer: Exchanging Local Spatial Information by Manipulating Messenger Tokens

MSG-Transformer Official implementation of the paper MSG-Transformer: Exchanging Local Spatial Information by Manipulating Messenger Tokens, by Jiemin

Hust Visual Learning Team 68 Nov 16, 2022
Parse discord tokens from any file, even if there is other shit in the file with them.
Parse discord tokens from any file, even if there is other shit in the file with them.

Discord-Token-Parser Parse discord tokens from any file, even if there is other shit in the file with them. Any. File. I glued together all html from

null 4 May 7, 2022
A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided

A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided. If you’ve found this bot useful and have profited from it please consider donating any token to my BSC wallet address: 0xE75470B9a7c93038195ca116E342c42F6B3F758b

null 473 Dec 25, 2022
PySETO is a PASETO (Platform-Agnostic SEcurity TOkens) implementation written in Python

A Python implementation of PASETO.

Ajitomi, Daisuke 33 Dec 17, 2022
Simple yet efficient tool used to check and sort tokens in terms of there validation.
Simple yet efficient tool used to check and sort tokens in terms of there validation.

Discord Token Checker Simple yet efficient tool used to check and sort tokens in terms of there validation.When the program is done,go to the "output"

Robotnik 15 Dec 27, 2022
A Python tool to generate and refresh Amazon access tokens.

amazon_auth A Python tool to generate and refresh Amazon access tokens. Description This tool generates and outputs Amazon access and refresh tokens f

null 15 Nov 21, 2022
Que es S4K Builder?, Fácil un constructor de tokens grabbers con muchas opciones, como BTC Miner, Clipper, shutdown PC, Y más! Disfrute el proyecto. 3

S4K Builder Este script Python 3 de código abierto es un constructor del muy popular registrador de tokens que está en [mi GitHub] (https://github.com

SadicX 1 Oct 22, 2021
A little side-project API for me to learn about Blockchain and Tokens

BlockChain API I built this little side project to learn more about Blockchain and Tokens. It might be maintained and implemented to other projects bu

Loïk Mallat 1 Nov 16, 2021
Discord Token Generator - Python (Generates Tokens and Joins your Server Automatically) hCaptcha Bypass **FREE**

Best Discord Token Generator {hCaptcha bypass FREE Unlimited Memberboost} Install few requirements & run main.py it will redirect you to the Download

null 1 Oct 27, 2021
🦅 Pretrained BigBird Model for Korean (up to 4096 tokens)
🦅 Pretrained BigBird Model for Korean (up to 4096 tokens)

Pretrained BigBird Model for Korean What is BigBird • How to Use • Pretraining • Evaluation Result • Docs • Citation 한국어 | English What is BigBird? Bi

Jangwon Park 183 Dec 14, 2022
Discord Token Generator based on HTTPX, makes unverified tokens and automatically joins your server! this is used for memberboosting
Discord Token Generator based on HTTPX, makes unverified tokens and automatically joins your server! this is used for memberboosting

Discord Token Generator | 2021 Features: (1) hCaptcha Bypasser, latest hfuck.py Updated by me (2) Free Proxy Support/Scrapper (3) Custom Realistic Dat

null 2 Nov 30, 2021
Defi PancakeSwap bot is programmed in Python to buy and sell tokens in seconds once the target is hit.
Defi PancakeSwap bot is programmed in Python to buy and sell tokens in seconds once the target is hit.

Defi PancakeSwap BOT A BOT that will make easy your life in Trading. Watch tutorial on Youtube Table of Contents About The Project Built With Getting

Zain Ullah 208 Jan 5, 2023
Discord Mass Report script that uses multiple tokens

Discord-Mass-Report Discord Mass Report script that uses multiple tokens, full credits to https://github.com/hoki0/Discord-mass-report who made it in

cChimney 4 Jun 8, 2022
The best way to send tokens into a specific server, which can be used for discord bots, and some tools..

XTRA420 The simplified version of sending tokens into a server, the basic and fastest way.. When using this, you have the option to use proxies (http)

07v 1 Nov 30, 2021
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

null 1 Dec 31, 2021
Local server that gives you your OAuth 2.0 tokens needed to interact with the Conta Azul's API

What's this? This is a django project meant to be run locally that gives you your OAuth 2.0 tokens needed to interact with Conta Azul's API Prerequisi

Fábio David Freitas 3 Apr 13, 2022
Releases(v1.0.0)

  • v1.0.0(Nov 27, 2021)

    AScrypt v1.0.0

    Crie seus tokens de forma rápida e segura, tendo a certeza de que nenhum deles foi alterado!

    Suporte

    • [x] Gerar tokens com conteúdo em JSON
    • [x] Gerar chaves secretas seguras

    Proximas versões

    • [ ] Tempo de expiração para o token
    • [ ] Chaves públicas e privadas para tokens
    • [ ] Melhorias na segurança
    • [ ] Uso de outros tipos de hash para novos tokens

    © AScrypt Make the internet a secure local.

    Source code(tar.gz)
    Source code(zip)
Owner
Jaedson Silva
Software Developer with focus in Security of Information. #python #flask #software #security
Jaedson Silva
GitHub Repository
:couple: Multi-user accounts for Django projects

django-organizations Summary Groups and multi-user account management Author Ben Lopatin (http://benlopatin.com) Status Separate individual user ident

Ben Lopatin 1.1k Jan 09, 2023
A Python library to create and validate authentication tokens

handshake A Python library to create and validate authentication tokens. handshake is used to generate and validate arbitrary authentication tokens th

0 Apr 26, 2022
REST implementation of Django authentication system.

djoser REST implementation of Django authentication system. djoser library provides a set of Django Rest Framework views to handle basic actions such

Sunscrapers 2.2k Jan 01, 2023
Ready to use and customizable Authentications and Authorisation management for FastAPI ⚡

AuthenticationX 💫 Ready-to-use and customizable Authentications and Oauth2 management for FastAPI ⚡ Source Code: https://github.com/yezz123/AuthX Doc

Yasser Tahiri 404 Dec 27, 2022
examify-io is an online examination system that offers automatic grading , exam statistics , proctoring and programming tests , multiple user roles

examify-io is an online examination system that offers automatic grading , exam statistics , proctoring and programming tests , multiple user roles ( Examiner , Supervisor , Student )

Ameer Nasser 4 Oct 28, 2021
Graphical Password Authentication System.

Graphical Password Authentication System. This is used to increase the protection/security of a website. Our system is divided into further 4 layers of protection. Each layer is totally different and

Hassan Shahzad 12 Dec 16, 2022
Simplifying third-party authentication for web applications.

Velruse is a set of authentication routines that provide a unified way to have a website user authenticate to a variety of different identity provider

Ben Bangert 253 Nov 14, 2022
Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects.

Django Two-Factor Authentication Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django'

Bouke Haarsma 1.3k Jan 04, 2023
Accounts for Django made beautifully simple

Django Userena Userena is a Django application that supplies your Django project with full account management. It's a fully customizable application t

Bread & Pepper 1.3k Sep 18, 2022
A flask extension for managing permissions and scopes

Flask-Pundit A simple flask extension to organize resource authorization and scoping. This extension is heavily inspired by the ruby Pundit library. I

Anurag Chaudhury 49 Dec 23, 2022
This python package provides a simple password reset strategy for django rest framework

Django Rest Password Reset This python package provides a simple password reset strategy for django rest framework, where users can request password r

Anexia 363 Dec 24, 2022
Kube OpenID Connect is an application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster

Kube OpenID Connect is an application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster. Kubernetes supports OpenID Connect Tokens as a way to identify users wh

7 Nov 20, 2022
OAuth2 goodies for the Djangonauts!

Django OAuth Toolkit OAuth2 goodies for the Djangonauts! If you are facing one or more of the following: Your Django app exposes a web API you want to

Jazzband 2.7k Dec 31, 2022
A wagtail plugin to replace the login by an OAuth2.0 Authorization Server

Wagtail OAuth2.0 Login Plugin to replace Wagtail default login by an OAuth2.0 Authorization Server. What is wagtail-oauth2 OAuth2.0 is an authorizatio

Gandi 7 Oct 07, 2022
An open source Flask extension that provides JWT support (with batteries included)!

Flask-JWT-Extended Features Flask-JWT-Extended not only adds support for using JSON Web Tokens (JWT) to Flask for protecting views, but also many help

Landon Gilbert-Bland 1.4k Jan 04, 2023
A Python tool to generate and refresh Amazon access tokens.

amazon_auth A Python tool to generate and refresh Amazon access tokens. Description This tool generates and outputs Amazon access and refresh tokens f

15 Nov 21, 2022
python-social-auth and oauth2 support for django-rest-framework

Django REST Framework Social OAuth2 This module provides OAuth2 social authentication support for applications in Django REST Framework. The aim of th

1k Dec 22, 2022
Foundation Auth Proxy is an abstraction on Foundations' authentication layer and is used to authenticate requests to Atlas's REST API.

foundations-auth-proxy Setup By default the server runs on http://0.0.0.0:5558. This can be changed via the arguments. Arguments: '-H' or '--host': ho

Dessa - Open Source 2 Jul 03, 2020
Login System Using Django

Login System Django

Nandini Chhajed 6 Dec 12, 2021
Skit-auth - Authorization for skit.ai's platform

skit-auth This is a simple authentication library for Skit's platform. Provides

Skit 3 Jan 08, 2022