skip to navigation
skip to content

Fanery 0.2.0

Application development framework

Latest Version: 0.2.5

Application development framework.

Project Goals

  • Strong security by default.
  • Focus on being developer-oriented.
  • Promote funcional pythonic style.
  • Promote continuous testing+profiling.

Why Fanery

Fanery is an opinionated development framework build around a few simple concepts:

  • Strong criptography must be transparent and enabled by default.
  • Encryption must only rely on unbroken high-quality ciphers/algorithms/implementations.
  • Encryption must rely exclusively on cryptographic keys generated server side.
  • Session security must not rely on SessionIDs, bizare URLs, secure cookies, secret tokens, magic keys or any other piece of information that can be guessed or stolen during transmission.
  • Capture and re-transmission of encrypted messages must be pointless.
  • The framework must protect transparently against brute-force and authenticated sessions abuse.
  • The framework must handle transparently input serialization to harmless/built-in only object types.
  • The framework must not depend on strict/pre-defined configuration style/format and/or directory structure.
  • The framework must not tie to a particular storage or UI technology.
  • The framework must provide the facilities for easy testing/debugging and profiling.
  • The framework must not rely on components that inhibit elastic/horizontal scalability.
  • The framework must work seamessly in multi-thread/multi-process or event-driven environments.

A lot of discussions happens around “JavaScript criptography considered harmfull” so a bit of clarification is needed to understand why and how Fanery use it:

  • HTTPS cannot be replaced by JavaScript criptography, however SSL/TLS is no help against the majority of common attacks, that’s why Fanery use “scrypt + NaCl + One-Time Pad” (both server and client side) to achieve protection against many of those threats using JavaScript criptography together with HTTPS and not as a replacement.

Install howto

  1. First make sure to install successfully the following C libraries

pip install cxor pip install ujson pip install PyNaCl pip install scrypt pip install bsdiff4 pip install ciso8601 pip install python-libuuid pip install msgpack-python

  1. Then install Fanery and run test files

pip install Fanery

python tests/

  1. Enable debugging/profiling facilities installing the following packages

pip install ipdb pip install xtraceback pip install profilehooks pip install line-profiler pip install memory-profiler pip install linesman objgraph

File Type Py Version Uploaded on Size
Fanery-0.2.0.tar.gz (md5) Source 2014-08-26 310KB