[Django]-Django filters and django-encrypted-fields

4👍

This isn’t possible, by design. The data stored in the database is an opaque blob, so even if the plaintext you set the field to contains “George”, that text isn’t in the database.

The idea regarding encrypting the data again and comparing the stored database value against that is an interesting one, but it still won’t work. The data is encrypted with a random initialization vector, so you can’t simply reproduce the results.

Possible solution

You may be able to work around the problem with hashing though. For example, if your user provides an email and password for authentication, but you want the email to be stored encrypted in your database, you could store a hashed version of the email in addition to the encrypted one. Then you can reproduce the hash and query against that, and only decrypt the email once you’ve found your user.

👤defrex
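The hashed-lookup workaround from the answer above, as an added example that is not part of the original post. It assumes a keyed HMAC (rather than a bare hash, which anyone holding the table could test guessed emails against), uses sqlite3 in place of the Django ORM, and substitutes a constructed stand-in cipher for the encrypted field; all function, table and key names are hypothetical.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed demo keys (assumption): real keys come from a secret store,
# and the index key is separate from the encryption key.
ENC_KEY = b"demo-encryption-key-000000000000"
INDEX_KEY = b"demo-blind-index-key-00000000000"


def _keystream(nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(ENC_KEY, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(plaintext: str) -> bytes:
    """Stand-in for the encrypted field (not a production cipher, no integrity tag).
    The random nonce means the same plaintext never encrypts to the same blob."""
    data = plaintext.encode()
    nonce = os.urandom(16)
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(nonce, len(data))))


def decrypt(blob: bytes) -> str:
    nonce, body = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(nonce, len(body)))).decode()


def email_index(email: str) -> str:
    """Deterministic keyed hash of the normalized email; this is what gets queried."""
    return hmac.new(INDEX_KEY, email.strip().lower().encode(), hashlib.sha256).hexdigest()


def make_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email_enc BLOB NOT NULL, email_idx TEXT NOT NULL UNIQUE)")
    return db


def add_user(db: sqlite3.Connection, email: str) -> None:
    db.execute("INSERT INTO users VALUES (?, ?)", (encrypt(email), email_index(email)))


def find_user(db: sqlite3.Connection, email: str):
    # Exact-match lookup on the index column; decrypt only the row that matched.
    row = db.execute("SELECT email_enc FROM users WHERE email_idx = ?", (email_index(email),)).fetchone()
    return decrypt(row[0]) if row else None
```

The index only supports exact matches, and it still reveals which rows hold the same value, so it suits high-entropy identifiers such as email addresses better than small value sets.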

1👍

For some cases the solution/workaround might be to compare in Python instead of using the Django ORM, so instead of:

return BlockedIP.objects.filter(ip_address=ip_address).exists()

Do something like this:

return ip_address in BlockedIP.objects.values_list('ip_address', flat=True)

Note that this might very well not be efficient if you have a lot of records.

1👍

It is not immediately possible because the data stored in the underlying database is a cipher text in binary format. To support this, you’d need searchable fields like Kevin mentioned above, however those are very slow in large production use-cases, as they require decryption prior to executing the search.

Also note that django-encrypted-fields is deprecated, as it makes use of Google Keyczar which has been abandoned in favor of Google Tink. I ended up in the same situation and created https://github.com/script3r/django-tink-fields to address my needs.

👤Isaac E

0👍

Yes, you can do it with django-searchable-encrypted fields with a handful of caveats:

  • You need to add fields that are searchable, on top of which ones are encrypted yourself
  • Updates don’t work properly, you need to update both the encrypted field and the searchable field
  • Adding a searchable field after means you need to iterate over your objects and set the value to itself (don’t quote me on this, but that’s the way it appears).

https://pypi.org/project/django-searchable-encrypted-fields/

👤Kevin Parker
