Encrypt/Decrypt one field

Encrypt/Decrypt one field

goktuginal41@gmail.comgoktuginal41@gmail.com Posts: 57Questions: 22Answers: 0
edited August 2022 in Free community support

Hello everyone,

With Fernet, I encrypt the patientid value I received via POST in the web app and save it to the database in views.py. My question is that how to decrypt patientid and show this decrypted data in 'datatable'. I implemented serializers.py and keep data with json.

To be more clear, { data: 'patientid.patientid'} part below, it shows encrypted data in datatables which is not what I want. Thanks in advance.

base.html

var table = $('#example').DataTable({

          // json to fill the table rows and columns
          "ajax": {
            url: "/json",
            type: "GET"
          },
          columns: [
            {"data": null,
              render: function ( data, type, row ) {
                return '<a class="btn btn-outline-success text-center" id="edit" title="Edit row" data-bs-toggle="modal" data-bs-target="#editModal"><i class="fa-solid fa-pen-to-square" style="color:green !important;"></i></a>';
              }
            },
            { data: 'p_id_s'},
            { data: 'reception_date'},
            { data: 'hospital_date'},
            { data: 'culture'},
            { data: 'index_sample'},
            { data: 'is_index_sample'},
            { data: 'status'},
            { data: 'patientid.patientid'},
            { data: 'patientid.bday'},
            { data: 'patientid.age'},
            { data: 'patientid.gender'},
            { data: 'patientid.born_country'},
            {data: null,
             render: function ( data, type, row ) {
                return '<a class="btn btn-outline-danger text-center" id="delete" title="Delete row" data-bs-toggle="modal" data-bs-target="#deleteModal"><i class="fa-solid fa-delete-left" style="color:red !important;"></i></a>';
              }
            },
          ],

This question has an accepted answers - jump to answer

Answers

  • goktuginal41@gmail.comgoktuginal41@gmail.com Posts: 57Questions: 22Answers: 0

    Do I need to decrypt the patientid.patientid value in the model here, iterate values with for loop and then, send it to the serializer to create json format? I'm kinda stuck here.

    views.py

    def ibv_json(request):
        # for loop to decrypt value #
        serializer = SamplesSerializer(Samples.objects.all(), many=True)
        response = {'data': serializer.data}
    
        return JsonResponse(response, safe=False)
    
  • kthorngrenkthorngren Posts: 21,555Questions: 26Answers: 4,994

    I suspect you don't want to decrypt it before sending it to the client. On the client side you might be able to use some like this repo to decrypt the data using columns.render:
    https://github.com/csquared/fernet.js/blob/master/README.md

    See this data rendering example.

    Kevin

  • goktuginal41@gmail.comgoktuginal41@gmail.com Posts: 57Questions: 22Answers: 0

    Thank you for your answer Kevin.

    I have encrypt_util.py file which includes encrypt and decrypt fucntions. It is a bit out of scope of datatables but is it possible to call decrypt function from index.html in order to decrypt data by using column.render?

  • allanallan Posts: 63,815Questions: 1Answers: 10,517 Site admin

    No. The client side can't execute Python - which means you'd need to make an Ajax call in the rendering function and the rendering function does not allow Async results. It would also mean hundreds of Ajax requests to the server when the page is rendered.

    What Kevin said:

    I suspect you don't want to decrypt it before sending it to the client

    Is exactly correct.

    Allan

  • goktuginal41@gmail.comgoktuginal41@gmail.com Posts: 57Questions: 22Answers: 0

    Hi Allan,

    Thank you for your answer. I am a bit lost here beacuse I'm so new in django and datatables.

    I encrypt the patientid value I received via POST and save it to the database. No problem here. And I am sending this value as json format with serializer.py and display it in datatable(In my case, it is displayed encrypted). However, I could not understand exactly at what stage I should decrypt. After sending it to server side in json format, I need to decrypt this data by using column:render function as far as I understand, please verify me? However, I cannot call the decrypt function at this stage. Plus, I don't know how to integrate the repo in my django project Kevin told me. Thank you for your patience.

    columns:[
    {
            data: 'patientid.patientid',
            render: function (data, type) {
                    ### decrypt(data) ###
            return data;
            },
    },
    ]
    
  • kthorngrenkthorngren Posts: 21,555Questions: 26Answers: 4,994

    Basically what you have is correct except you need to return the decrypted data, something like this:

    columns:[
    {
            data: 'patientid.patientid',
            render: function (data, type) {
                    ### return decrypt(data) ###
            return data;
            },
    },
    ]
    

    I've never used any decryption tools on the Javascript client. What I pointed you to is an example of the type of library you will need. I don't know if that particular library works or does exactly what you need. In general you will load these libraries the same you would load the Datatables libraries into your environment. Then use their API to decrypt the data.

    Kevin

  • allanallan Posts: 63,815Questions: 1Answers: 10,517 Site admin
    Answer ✓

    To add to that, I'd strongly discourage you from doing the decryption client-side. If you did so you've be making the decryption key public (i.e. you'd need it in the Javascript). So there would be no point in encrypting it in the first place, since anyone could just decrypt it!

    Allan

This discussion has been closed.