django-cryptography
django-cryptography copied to clipboard
georgemarshall
Django 5.0 warnings: baseconv is deprecated
RemovedInDjango50Warning: The django.utils.baseconv module is deprecated.
from django.utils import baseconv
https://code.djangoproject.com/ticket/32712
# django_cryptography/core/signing.py
- from django.utils import baseconv
+ from django.core.signing import b62_encode, b62_decode
I can't create a PR for this repo but here is the diff:
diff --git a/django_cryptography/core/signing.py b/django_cryptography/core/signing.py
index 73ccc7f..c64f526 100644
--- a/django_cryptography/core/signing.py
+++ b/django_cryptography/core/signing.py
@@ -17,7 +17,7 @@ from django.core.signing import (
b64_encode,
get_cookie_signer,
)
-from django.utils import baseconv
+from django.core.signing import b62_encode, b62_decode
from django.utils.encoding import force_bytes, force_str
from ..utils.crypto import constant_time_compare, salted_hmac
@@ -138,7 +138,7 @@ class Signer:
class TimestampSigner(Signer):
def timestamp(self):
- return baseconv.base62.encode(int(time.time()))
+ return b62_encode(int(time.time()))
def sign(self, value):
value = force_str(value)
@@ -152,7 +152,7 @@ class TimestampSigner(Signer):
"""
result = super().unsign(value)
value, timestamp = result.rsplit(self.sep, 1)
- timestamp = baseconv.base62.decode(timestamp)
+ timestamp = b62_decode(timestamp)
if max_age is not None:
if isinstance(max_age, datetime.timedelta):
max_age = max_age.total_seconds()
I am going to sit on this for now, as I have been re-working the code to add type information. Django 5.0 isn't set to be release until December 2023o over a full year from now.
The unfortunate part is Django 3.2 will still be supported until April 2024. So a compatibility shims will be needed, or Django 3.2 support will be dropped once Django 5.0 is released.
@georgemarshall , would this not be as easy as:
try:
from django.core.signing import b62_encode as encode
from django.core.signing import b62_decode as decode
except ImportError:
from django.utils import baseconv
encode = baseconv.base62.encode
decode = baseconv.base62.decode
...
class TimestampSigner(Signer):
def timestamp(self):
- return baseconv.base62.encode(int(time.time()))
+ return encode(int(time.time()))
def sign(self, value):
value = force_str(value)
@@ -152,7 +152,7 @@ class TimestampSigner(Signer):
"""
result = super().unsign(value)
value, timestamp = result.rsplit(self.sep, 1)
- timestamp = baseconv.base62.decode(timestamp)
+ timestamp = decode(timestamp)
if max_age is not None:
if isinstance(max_age, datetime.timedelta):
max_age = max_age.total_seconds()
Using try:except: to handle compatibility through imports is pretty powerful, and its easy to cleanup when the compatibility is no longer needed.
Django 5 is released and i am having this error -
File "/Users/sauravsharma/Developer/work/TPA/worktree_archipay/django-5-upgrades/env/lib/python3.10/site-packages/django_cryptography/core/signing.py", line 20, in <module>
from django.utils import baseconv
ImportError: cannot import name 'baseconv' from 'django.utils'
alright, i fixed the issue.
- first i cloned the repo in my django project.
cd django-cryptographypip install -e .
initially i tried with pip install --upgrade django-cryptography but that didn't update the package so then i tried to install it with git repo but then it doesn't install it correctly. the core folder was missing. finally at the last above method works.
It seems the issue may be related to the package configuration for installation directly from the repository. The setup.py or pyproject.toml may not be including necessary sub-packages or dependencies for a correct install.
i found the issue in setup.cfg. after this change, i can directly install from the repo and the subfolders ( the core folder ) is also included now. idk may be this may not be issue as i am unaware of the third party package code structure but since this change solves the issue, i created a PR here #106
The 1.1 release on PyPi does not include the updated import statements in the core/signing.py which is throwing errors. @georgemarshall Any chance you can push the new version to PyPi?
As of now for those who are having issues can do -
pip install "git+https://github.com/saurav-codes/django-cryptography"
As of now for those who are having issues can do -
pip install "git+https://github.com/saurav-codes/django-cryptography"
This is for Django 5.0? As opposed to the comment that MrSage made above?
Just as a general note, using an unmaintained cryptography library is probably not a good idea. I found some of the patterns shared here were quite extensible and dodged the problem:
https://www.piiano.com/blog/field-level-encryption-in-python-for-django-applications
I reverted to django 4.1.3 and this solved the issue. Warning though other dependecies that depend on django 5.0 like crispy forms, django_q would have to be updated accordingly
This change was already merged to master of this repository as part of https://github.com/georgemarshall/django-cryptography/pull/97 - just hasn't been released to PyPi yet. I opened https://github.com/georgemarshall/django-cryptography/pull/108 to perhaps make that easier.
I'm using Django 5.0, To use the Django_cyptography,
Currently, I'm using this command because the Pypy is not updated yet
pip install "git+https://github.com/saurav-codes/django-cryptography"
The change in #106 is required for installing from pip. Thanks @saurav-codes for the alternative for now and for the PR!
For those looking for the fix but want to be safe if you need to use a requirements file, you can pin to the commit hash:
django-cryptography @ git+https://github.com/saurav-codes/django-cryptography.git@ac210338dd2c84a410452e0b8e18ddee43f1920f
For pip above version 20.1
Any update? Its already been over 3 months since Django 5 got released and we still can't install django-cryptography properly
