I used this just the other day, with reference from its use in Satchmo payment processing to build a unique encrypted link for our affiliate clients.
I wanted them to have an easy, one click link that they can use to visit their information instead of having to remember a password (FAILS, unless service is important enough).
I used Blowfish in the Python Cryptography Toolkit.
import bas64from Crypto.Ciphers import Blowfish encryption_object = Blowfish.new("my-key-of-some-kind") # keep this key.. I used the django settings.SECRET_KEY encryption_object.encrypt() # requires multiple of 8 character input, so we must check if our string to encrypt is a multiple of 8 and add extra characters when it's short padding = '' if (len(STRING_TO_ENCRYPT) % 8 ) <> 0 : padding = 'X' * (8-(len(STRING_TO_ENCRYPT) % 8)) # len(STRING_TO_ENCRYPT) % 8 returns the remainder of division # subtracting this from 8 gives you the number needed to reach the multiple of 8. encrypted_string = base64.b64encode(encryption_object.encrypt(STIRNG_TO_ENCRYPT+padding)) # b64encode to create a "more" url-safe string. encryption_object.decode(base64.b64decode(encrypted_string)).rstrip('X')
Now I can encrypt something like a slug and use it as a unique link that is only available to the person who I send the link to.
Another way I’ve done that is to use a 1 way hash: store a hash on the model of the slug and look up the DB object by hash.
I just didn’t want to add a new field and deal with updating DBs to add this feature.