How to Generate Confidential, Sortable, and Compact Unique Integer Primary Keys in Django?

Unique Integer Primary Keys in Django: Achieving Confidentiality without Sacrificing Speed

Exposed primary keys can pose security concerns. To address this, developers often seek to replace the default auto-incremented primary key with a unique integer that is not easily guessable or enumerable. While hashing the original key is a common solution, it introduces performance overhead and the need for conversion every time the key is accessed.

In this article, we present an alternative approach inspired by Instagram's approach. Our solution generates a unique integer key that meets the following criteria:

• Integer Type: Maintains the primary key field type as an integer.
• Time-Based Component: Incorporates a time-based component to ensure sortability by insertion time.
• Unique Per Table: Guarantees uniqueness only within the specific table, not globally.
• Minimal Length: Aims for a compact key length to avoid excessive URL length.

Implementation

Generating IDs:

START_TIME = <unix timestamp constant>

def make_id():
    t = int(time.time()*1000) - START_TIME
    u = random.SystemRandom().getrandbits(23)
    id = (t << 23 ) | u
    return id

The Model:

class MyClass(models.Model):
   id = models.BigIntegerField(default = fields.make_id, primary_key=True)  

Benefits

• Confidentiality: Hides the number of rows in a table from public view.
• Performance: Avoids unnecessary hashing operations.
• Compactness: Produces key values that are generally shorter than hashes.

This approach effectively addresses the concerns raised while meeting the specific requirements of a unique integer primary key without compromising performance or storage efficiency.

The above is the detailed content of How to Generate Confidential, Sortable, and Compact Unique Integer Primary Keys in Django?. For more information, please follow other related articles on the PHP Chinese website!