45 lines
1.2 KiB
Python
45 lines
1.2 KiB
Python
from cryptography.fernet import Fernet
|
|
from base64 import urlsafe_b64encode
|
|
from app.core.config import settings
|
|
|
|
# Generate a key from the secret key
|
|
def get_fernet_key():
|
|
"""Generate a Fernet key from the application secret key."""
|
|
# Convert secret key to bytes and ensure it's 32 bytes
|
|
key_bytes = settings.SECRET_KEY.encode()
|
|
# Pad or truncate to 32 bytes
|
|
key_bytes = key_bytes.ljust(32, b'0')[:32]
|
|
# Convert to URL-safe base64-encoded bytes (Fernet requirement)
|
|
return urlsafe_b64encode(key_bytes)
|
|
|
|
|
|
# Initialize Fernet with the key
|
|
_fernet = Fernet(get_fernet_key())
|
|
|
|
|
|
def encrypt_secret(secret: str) -> str:
|
|
"""
|
|
Encrypt a secret string.
|
|
|
|
Args:
|
|
secret: The secret string to encrypt
|
|
|
|
Returns:
|
|
The encrypted secret as a string
|
|
"""
|
|
encrypted = _fernet.encrypt(secret.encode())
|
|
return encrypted.decode()
|
|
|
|
|
|
def decrypt_secret(encrypted_secret: str) -> str:
|
|
"""
|
|
Decrypt an encrypted secret string.
|
|
|
|
Args:
|
|
encrypted_secret: The encrypted secret string
|
|
|
|
Returns:
|
|
The decrypted secret as a string
|
|
"""
|
|
decrypted = _fernet.decrypt(encrypted_secret.encode())
|
|
return decrypted.decode() |