A RESTful password locker with Django and backbone.js part 6

29 May

This series has explained how to create a RESTful web application using Django REST framework and Backbone.js. The code is available for you to explore and play with.

To conclude, I’d like to discuss what other additions we could make to make the application more secure, performant and robust.

Security

Storing passwords in plain text in a database is a Bad Idea. Django hashes user passwords for us, so those credentials are fine. But how could we secure the passwords users want to put in our password locker?

If we didn’t have the requirement to allow passwords to be shared, we could use a symmetric key encryption algorithm with the user’s raw authentication password as a secret key – possibly munged with some extra data. This would mean that passwords would only be able to be decrypted once a user logged in and would make large-scale brute-forcing of the database unfeasible if we chose our algorithm carefully since every user’s password would need to be cracked to decrypt their data. We would be storing user passwords in memory and it’s possible they could leak to some degree, but it’d be safer if a hacker was only able to download a dump of the database.

One possibility for supporting sharing and making the stored data more secure would be to use public key cryptography. The private key could require the user’s password to decrypt data. If a user shares a  password, we could encrypt it with the recipient’s public key and they’d be able to decrypt it with their private key when they log in.

Cryptography is computationally expensive, and since our code is in python we may find it better to code these modules in a compiled language. Some python libraries implement their encryption routines in C, so we could use these. However, if we were interested in scalability, we may find it more performant to use dedicated servers to handle the cryptography. In this scenario, we could use an RPC framework such as Apache Thrift to handle communication between the front-end web nodes and Java/C backends.

Also, the entire application must run over SSL for the site to be secure, and ideally not contain any third-party content (such as adverts) to make sure that there’s no possibility for some kind of cross-domain Javascript bug to steal user passwords.

Performance and robustness

Before putting this code into production, we should create a full suite of unit & functional tests. It also needs testing cross-browser testing to make sure there are no quirks in different browsers.

Because the majority of the application is loaded via AJAX, we can cache web templates to a large degree which will reduce load on the web nodes. Of course, we should also combine and minify Javascript and CSS.

That’s all. I hope you’ve found this tutorial useful.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: