118 lines
3.3 KiB
Python
118 lines
3.3 KiB
Python
|
"""
|
|||
|
|
Encryption/Decryption utilities for sensitive data
|
|||
|
|
Uses Fernet (symmetric encryption) from cryptography library
|
|||
|
|
"""
|
|||
|
|
from cryptography.fernet import Fernet
|
|||
|
|
import os
|
|||
|
|
import base64
|
|||
|
|
from typing import Optional
|
|||
|
|
|
|||
|
|
|
|||
|
|
class EncryptionService:
|
|||
|
|
"""Şifreleme servisi - API token'ları ve hassas verileri şifreler"""
|
|||
|
|
|
|||
|
|
def __init__(self, encryption_key: Optional[str] = None):
|
|||
|
|
"""
|
|||
|
|
Args:
|
|||
|
|
encryption_key: Base64 encoded Fernet key.
|
|||
|
|
Eğer verilmezse ENCRYPTION_KEY env variable kullanılır.
|
|||
|
|
"""
|
|||
|
|
if encryption_key is None:
|
|||
|
|
encryption_key = os.getenv('ENCRYPTION_KEY')
|
|||
|
|
|
|||
|
|
if not encryption_key:
|
|||
|
|
raise ValueError(
|
|||
|
|
"ENCRYPTION_KEY environment variable gerekli! "
|
|||
|
|
"Oluşturmak için: python -c 'from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())'"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
# Key'i bytes'a çevir
|
|||
|
|
if isinstance(encryption_key, str):
|
|||
|
|
encryption_key = encryption_key.encode()
|
|||
|
|
|
|||
|
|
self.cipher = Fernet(encryption_key)
|
|||
|
|
|
|||
|
|
def encrypt(self, plaintext: str) -> str:
|
|||
|
|
"""
|
|||
|
|
Metni şifrele
|
|||
|
|
|
|||
|
|
Args:
|
|||
|
|
plaintext: Şifrelenecek metin
|
|||
|
|
|
|||
|
|
Returns:
|
|||
|
|
Base64 encoded şifreli metin
|
|||
|
|
"""
|
|||
|
|
if not plaintext:
|
|||
|
|
return ""
|
|||
|
|
|
|||
|
|
# String'i bytes'a çevir
|
|||
|
|
plaintext_bytes = plaintext.encode('utf-8')
|
|||
|
|
|
|||
|
|
# Şifrele
|
|||
|
|
encrypted_bytes = self.cipher.encrypt(plaintext_bytes)
|
|||
|
|
|
|||
|
|
# Base64 encode et (database'de saklamak için)
|
|||
|
|
return encrypted_bytes.decode('utf-8')
|
|||
|
|
|
|||
|
|
def decrypt(self, encrypted_text: str) -> str:
|
|||
|
|
"""
|
|||
|
|
Şifreli metni çöz
|
|||
|
|
|
|||
|
|
Args:
|
|||
|
|
encrypted_text: Base64 encoded şifreli metin
|
|||
|
|
|
|||
|
|
Returns:
|
|||
|
|
Orijinal metin
|
|||
|
|
"""
|
|||
|
|
if not encrypted_text:
|
|||
|
|
return ""
|
|||
|
|
|
|||
|
|
try:
|
|||
|
|
# Base64 decode et
|
|||
|
|
encrypted_bytes = encrypted_text.encode('utf-8')
|
|||
|
|
|
|||
|
|
# Şifreyi çöz
|
|||
|
|
decrypted_bytes = self.cipher.decrypt(encrypted_bytes)
|
|||
|
|
|
|||
|
|
# Bytes'ı string'e çevir
|
|||
|
|
return decrypted_bytes.decode('utf-8')
|
|||
|
|
|
|||
|
|
except Exception as e:
|
|||
|
|
raise ValueError(f"Şifre çözme hatası: {str(e)}")
|
|||
|
|
|
|||
|
|
@staticmethod
|
|||
|
|
def generate_key() -> str:
|
|||
|
|
"""
|
|||
|
|
Yeni bir encryption key oluştur
|
|||
|
|
|
|||
|
|
Returns:
|
|||
|
|
Base64 encoded Fernet key
|
|||
|
|
"""
|
|||
|
|
return Fernet.generate_key().decode('utf-8')
|
|||
|
|
|
|||
|
|
|
|||
|
|
# Global instance (singleton pattern)
|
|||
|
|
_encryption_service = None
|
|||
|
|
|
|||
|
|
|
|||
|
|
def get_encryption_service() -> EncryptionService:
|
|||
|
|
"""Global encryption service instance'ını al"""
|
|||
|
|
global _encryption_service
|
|||
|
|
|
|||
|
|
if _encryption_service is None:
|
|||
|
|
_encryption_service = EncryptionService()
|
|||
|
|
|
|||
|
|
return _encryption_service
|
|||
|
|
|
|||
|
|
|
|||
|
|
# Convenience functions
|
|||
|
|
def encrypt_text(plaintext: str) -> str:
|
|||
|
|
"""Metni şifrele (convenience function)"""
|
|||
|
|
return get_encryption_service().encrypt(plaintext)
|
|||
|
|
|
|||
|
|
|
|||
|
|
def decrypt_text(encrypted_text: str) -> str:
|
|||
|
|
"""Şifreli metni çöz (convenience function)"""
|
|||
|
|
return get_encryption_service().decrypt(encrypted_text)
|
|||
|
|
|