Unfortunately storing password in db has a fundamental flaw. To be able to use to access any remote source it has to be in usable form. Wether digested or plain text form it doesn't matter since at the moment you use it to login other resource it is in plain format (whatever format that is).
ma 12. elok. 2019 klo 16.24 Sundararajan Seshadri <suns...@gmail.com> kirjoitti: > If I understand is right, user stores the credentials in a database, say A > and another application, probably using a different database B wants to use > the credentials from A. > > Right? > > There is no problem at all, except you need to: > > (a) write your own hook for validating the password in the application > using the database B, but will access the credentials in A. Either you can > define A in django itself or through plain Python itself, you can access it. > > (b) Note that the password will be (and should be) stored encrypted and > 'normally' you will be in no position to 'decode' the original password. > Whatever password is entered while using the application will be subject to > same encryption and the result will be compared with what is in the > database for allowing the login. Hopefully this mechanism is still OK for > you. > > Cheers. > > ================================================= > > On Sunday, August 11, 2019 at 7:01:26 PM UTC+5:30, Lance Haig wrote: >> >> Hi, >> >> I want to allow users to add credentials to th site that allow us to >> pull details ffrom anothr site into our environment. >> >> This will mean that their credentials will need to be useable by a >> regular process that will fetch the data but it is stored securely. >> >> I was thinking about using the same storage mechanisim for the passwords >> that django offers but I am not sure how one would then allow a process >> in the application to use those credentials to aces the otehr site. >> >> Does anyone have a suggestion on how to accomplish this? >> >> Regards >> >> Lance >> >> >> -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/6c1ab523-b622-44b6-9e65-d2731ed05df1%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/6c1ab523-b622-44b6-9e65-d2731ed05df1%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAHn91odcosmCvpPqj%3DCiC8LDjs5yhfivejpZnMOC1PnW%2BCAKTw%40mail.gmail.com.
