{"id":15584410,"url":"https://github.com/ableinc/polysecrets","last_synced_at":"2025-03-29T08:45:00.706Z","repository":{"id":57454089,"uuid":"190068478","full_name":"ableinc/polysecrets","owner":"ableinc","description":"A completely randomized order of secrets; built with security in mind.","archived":false,"fork":false,"pushed_at":"2021-06-01T20:56:10.000Z","size":31,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-06T01:17:09.989Z","etag":null,"topics":["application-security","cryptography","encryption","jwt","jwt-token","password","password-generator","polysecrets","secrets","security","security-tools","server-security","signing","signing-certificates"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ableinc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-06-03T19:25:20.000Z","updated_at":"2023-08-21T04:36:50.000Z","dependencies_parsed_at":"2022-09-04T23:22:17.814Z","dependency_job_id":null,"html_url":"https://github.com/ableinc/polysecrets","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ableinc%2Fpolysecrets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ableinc%2Fpolysecrets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ableinc%2Fpolysecrets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ableinc%2Fpolysecrets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ableinc","download_url":"https://codeload.github.com/ableinc/polysecrets/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246162117,"owners_count":20733355,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["application-security","cryptography","encryption","jwt","jwt-token","password","password-generator","polysecrets","secrets","security","security-tools","server-security","signing","signing-certificates"],"created_at":"2024-10-02T20:41:02.550Z","updated_at":"2025-03-29T08:45:00.688Z","avatar_url":"https://github.com/ableinc.png","language":"Python","readme":"# Polysecrets\n![alt text](https://img.icons8.com/dotty/80/000000/mesh.png \"Polysecrets Logo\")\nA completely randomized order of secrets; built with security in mind. Secrets can be automatically generated\non a time interval or manually generated. Polysecrets keeps the guessing away from the human in exchange for\na truly secret, randomized signing order. Instead of a hardcoded secret that can be stolen during a security\nbreach, Polysecrets, randomizes the provided string in a way that a secret produced at 8:00pm can be completely\ndifferent from a secret produced at 8:01pm, on the same server.\n\n# Libraries - v0.1.4\nNodeJS: https://www.npmjs.com/package/polysecrets\nPython: https://pypi.org/project/polysecrets/\n\n# Author\nLet's connect on LinkedIn: https://www.linkedin.com/in/jaylen-douglas-292b82a6/\n\n# Requirements\n* Python 3.5+\n* Windows, OSX or Linux\n\n# Install\nLocally\n```bash\ngit clone https://github.com/ableinc/polysecrets.git\ncd polysecrets\n\npython -m pip install --upgrade .\n            or\npip install --upgrade .\n```\nPyPi (Pip)\n```bash\npython -m pip install --upgrade polysecrets\n            or\npip install --upgrade polysecrets\n```\n# How To Use\nPolysecrets can be used manually or automated. Automated use can be provided a time (in seconds) for\nhow often a new secret should be generated, the default time is set to 30 seconds. You do not have\nto provide a secret to Polysecrets class, but you can if you'd like\ncertain characters in your secret. Reminder, the secret is a collection of\nrandomly ordered characters so the secret you provide will not be used entirely.\u003cbr /\u003e\n\n** Look through examples folder ** \u003cbr /\u003e\n\nAutomated (this will add the secret to your environment)\n```python\nfrom os import environ\nfrom polysecrets import PolySecrets\n\n\nconfig = dict(\n        secret='rAnd0m_s3cr3t',  # or use default\n        length=10,  # default\n        interval=30,  # default (only if you're using automated)\n        uuid='yes',  # default\n        mixcase=False,  # default\n        persist=False,  # default\n        symbols=False\n    )\n\n\nautomated = PolySecrets(config).automated()  # default time is set to 30 seconds\nprint(environ['secret'])  # confirm secret is available\nautomated.terminate()  # stop automation\n\n```\n\nManual:\n```python\nfrom polysecrets import PolySecrets\n\nconfig = dict(\n        secret='rAnd0m_s3cr3t',  # or use default\n        length=10,  # default\n        interval=30,  # default (only if you're using automated)\n        uuid='yes',  # default\n        mixcase=False,  # default\n        persist=False,  # default\n        symbols=False\n    )\n\n\nsecret = PolySecrets(config).manual()\nprint(secret)  # confirm secret is available\n```\n\nRefer to examples folder for all use cases.\nAlso refer to 'Notes' section at the bottom of\nthis README. \u003cbr /\u003e\n**If you want your environment variables cleared after Polysecrets\nterminates, do the following:** \u003cbr /\u003e\n```python\n\nfrom polysecrets import PolySecrets\nfrom os import environ\n\nconfig = {}  # use all defaults\nautomated = PolySecrets(config=config, clear_on_exit=True).automated()\nprint(environ['secret'])\nautomated.terminate()  # forcibly remove envs\n```\n# Persistence\nYou can you use the persistence feature to keeps record\nof the secrets produced, and verifies that no secret has been duplicated. You will need to have a .env file with the MongoDB credentials inside. An example of the .env file is below:\n```text\nHOST=localhost\n#PORT=27017\nUSER=root\nPASS=r00tp@ssw0rD\n#DB_NAME=polysecrets\n#COLLECTION=secrets\n#AUTH_SOURCE=admin\n\n# Host URI Example\nHOST=mongodb://user:password@example.com/?authSource=the_database\u0026authMechanism=SCRAM-SHA-1\n```\nNotes:\n* ***All variables with the '#' prefix are optional; defaults will be assigned.***\n* ***Host variable can also be a full MongoDB URI. If so, it will ignore all other variables.***\n\n# Options\nYou can do the following with Polysecrets:\n* Manually or Automatically generate new secrets\n* Change time interval for new secret generation (for Automated feature)\n* Change the length of the final Polysecrets secret (refer to Notes at end of README)\n* Choose whether to generate secrets with just UUIDs, Alphanumeric characters or both\n* Persist generated secrets to ensure the same secret isn't used twice\n\nThe CLI (below) has full details of each option (except automated option)\n\n# CLI\nYou can use Polysecrets as a command line tool. CLI does not provided automated feature. If secret is left out, it will default to a random string built into the Polysecrets. An example is below: \u003cbr /\u003e\n```bash\npolysecrets --length 20 go\n```\nHelp menu\n```bash\nUsage: polysecrets [OPTIONS] GO\n\nOptions:\n  -s, --secret TEXT       The secret string\n  -l, --length INTEGER    Length of the secret. Secret has a minimum length of\n                          10\n  -i, --interval INTEGER  How frequently should a new secret be generated (in\n                          seconds)\n  -u, --uuid TEXT         Whether to use UUIDs or Alphanumeric characters for\n                          secret generation - yes, no, both\n  -m, --mixcase BOOLEAN   Decide whether or not to mix the case of\n                          alphacharacters in secret string\n  -p, --persist DICT      Never get the same secret twice with persistence\n                          from MongoDB\n  --symbols BOOLEAN       Whether or not to use special characters in secret.\n                          This will only increase the probability of appending\n                          a special character.\n  --version               Show the version and exit.\n  --help                  Show this message and exit.\n\n```\n\n# Benefits\n* JSON Web Tokens\n* Certificate Signing\n* Hashing\n* Various scenarios of Cryptography\n* Password generater\n\n# What's Next \u003ch5\u003e(refer to Changelog)\u003c/h5\u003e\nIf you have found a bug or would like to create new features, make a PR!\n\n# Changelog\n**v0.1.4** - June 1st, 2021\n* Improved CLI tool\n* Fixed persistence bug\n* Simplified defaults\n\n**v0.1.3** - July 11th, 2019\n* Improved code and squashed bugs\n\n**v0.1.2** - July 1st, 2019\n* Persistence added. You can now avoid duplicate secrets being generated.\n* Node version is now available. Install:\n```bash\nnpm install polysecrets\n```\n* Improved code and squashed bugs\n\n**v0.1.1** - June 4th, 2019\n* Custom secret string length, with a minimum of 10 characters\n* You may mix the secret, in combination with the provided secret string, with UUIDs, alphanumeric characters or both.\n* You can now select between upper and lower case mixing during secret generation\n\n**v0.1.0** - June 3rd, 2019\n* Manually and autogenerated secrets, with fixed secret length\n* Polysecrets CLI added\n\n# Note\n\n- If you change the length of the secret via the 'length' parameter, you will notice that the\nsecret string you provided will not contain all the characters provided. If you want the final\nsecret to contain all the exact same characters, then provide the exact string length to\nPolysecrets 'length' field.\n\n- The secret provided in the config is just used as reference characters and are not\nguaranteed to be a part of the final secret. If you would like to use the secret you\nprovide I would recommend going the traditional route; add secret to your project\n.env file and use Able's \u003ca href=\"https://github.com/ableinc/pydotenvs\"\u003ePy.Envs\u003c/a\u003e\npython library.\n\n- You cannot run manual and automated in the same file. You will throw an error.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fableinc%2Fpolysecrets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fableinc%2Fpolysecrets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fableinc%2Fpolysecrets/lists"}