You've implemented a solid per-field encryption strategy, but you need to make sure it's doing what it should. In this video, learn how to write unit tests to ensure that data is encrypted per-field.
- [Tutor] We're going to test the per field encryption … by storing the secret code ABC123. … So our secret code goes here, … and a payment is made by the user, … and the password confirmation code … is our secret code right here. … We are going to make sure … that the payment passport confirmation … is equal to the secret code, … and this field is in memory, … so it's unencrypted, … and then we're going to be using … the database connection cursor, … so that we can make a direct SQL query … from the model … and select that field and make sure it is encrypted. … And then we get the result of this query … using fetch one. … We can print the encrypted string, … and then we can make sure that it's not equal … to our secret code, because it is encrypted, … and we also in to test the deserialization, … and for that we get the object … from the database through Djangos ORM. … Again comparing it. … That way, and now we can run the tests, … so we open up the terminal, … and as you can see, the field has been properly encrypted. …
Skill Level Advanced
Building a Paid Membership Site with Djangowith Nick Walter1h 15m Intermediate
OWASP Top 10: #7 XSS and #8 Insecure Deserializationwith Caroline Wong26m 31s Intermediate
Building RESTful Web APIs with Djangowith Rudolf Olah1h 9m Intermediate
1. Permissions, Access Controls, Activity Logs
2. Throttling a Flood of Requests
3. Protecting Data and Data Privacy
4. 2FA: Two-Factor Authentication
5. CSRF: Cross-Site Request Forgery Protection
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.