75
For python3.6+
import secrets
generated_key = secrets.token_urlsafe(length)
For older versions of python:
for a very secure way of generating random number, you should use urandom:
from binascii import hexlify
key = hexlify(os.urandom(length))
this will produce bytes, call key.decode()
if you need a string
For general non-secure random strings, with more settings, you can just generate keys of your desired length the python way:
import random
import string
def generate_key(length):
return ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(length))
And then you can just call it with your desired length key = generate_key(40)
.
You can specify what alphabet you want to use, for example using only string.ascii_lowercase
for key consisting of only lowercase letters etc.
There is also Model for Api authentication in tastypie, might be worth checking out https://django-tastypie.readthedocs.org/en/latest/authentication.html#apikeyauthentication
96
If youβre on Python 3.6 or later, the secrets module is the way to go:
The secrets module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.
In particular, secrets should be used in preference to the default pseudo-random number generator in the random module, which is designed for modelling and simulation, not security or cryptography.
e.g. to generate a 16 byte token:
>>> import secrets
>>> secrets.token_urlsafe(16)
'zs9XYCbTPKvux46UJckflw'
>>> secrets.token_hex(16)
'6bef18936ac12a9096e9fe7a8fe1f777'
- [Django]-How to get the username of the logged-in user in Django?
- [Django]-Check permission inside a template in Django
- [Django]-How to programmatically call a Django Rest Framework view within another view?
4
you can also use following module to generate random string
1 - os.urandom(64).encode('hex') #from os module
2 - uuid.uuid4() # from uuid module
3 - get_random_string(length=32) #from django.utils.crypto
4 - secrets.token_hex(64) #from secrets >= python 3.6
- [Django]-Redirect to Next after login in Django
- [Django]-Django: Multiple forms possible when using FormView?
- [Django]-Elegant setup of Python logging in Django
2
Adding answer as I canβt comment on T. Opletals answer.
You should not use random.choice as random isnβt cryptographically secure. A better option would be random.SystemRandom() which uses the system source of randomness, on linux this would be urandom.
def generate_key(length):
char_set = string.ascii_letters + string.punctuation
urand = random.SystemRandom()
return ''.join([urand.choice(char_set) for _ in range(length)])
- [Django]-How to use curl with Django, csrf tokens and POST requests
- [Django]-TemplateDoesNotExist β Django Error
- [Django]-Django signals vs. overriding save method
1
If you want an easy-to-use but highly customisable key generator, use key-generator
pypi package.
Here is the GitHub repo where you can find the complete documentation.
Hereβs an example:
from key_generator.key_generator import generate
custom_key = generate(2, ['-', ':'], 3, 10, type_of_value = 'char', capital = 'mix', seed = 17).get_key()
print(custom_key) # ZLFdHXIUe-ekwJCu
Hope this helps
Disclaimer: This uses the key-generator
library which I made.
- [Django]-Django: Use of DATE_FORMAT, DATETIME_FORMAT, TIME_FORMAT in settings.py?
- [Django]-How to change field name in Django REST Framework
- [Django]-How to get the domain name of my site within a Django template?