Encrypted fields

Added in version 5.2.3.

Django MongoDB Backend supports Queryable Encryption.

See Configuring Queryable Encryption for more information on how to use Queryable Encryption with Django MongoDB Backend.

See the Queryable Encryption topic guide for more information on developing applications with Queryable Encryption.

The following tables detailed which fields have encrypted counterparts. In all cases, the encrypted field names are simply prefixed with Encrypted, e.g. EncryptedCharField. They are importable from django_mongodb_backend.fields.

django.db.models

Model Field

Encrypted version available?

BigIntegerField

Yes

BinaryField

Yes

BooleanField

Yes

CharField

Yes

DateField

Yes

DateTimeField

Yes

DecimalField

Yes

DurationField

Yes

EmailField

Yes

FileField

No: the use case for encrypting this field is unclear.

FilePathField

No: the use case for encrypting this field is unclear.

GenericIPAddressField

Yes

ImageField

No: the use case for encrypting this field is unclear.

IntegerField

Yes

JSONField

No: JSONField isn’t recommended.

PositiveIntegerField

Yes

PositiveBigIntegerField

Yes

PositiveSmallIntegerField

Yes

SlugField

No: it requires a unique index which Queryable Encryption doesn’t support.

SmallIntegerField

Yes

TimeField

Yes

TextField

Yes

URLField

Yes

UUIDField

Yes
django_mongodb_backend.fields

Model Field

Encrypted version available?

ArrayField

Yes

EmbeddedModelArrayField

Yes

EmbeddedModelField

Yes

ObjectIdField

Yes

PolymorphicEmbeddedModelField

No: may be implemented in the future.

PolymorphicEmbeddedModelArrayField

No: may be implemented in the future.

These fields don’t support the queries argument:

  • EncryptedArrayField

  • EncryptedEmbeddedModelArrayField

  • EncryptedEmbeddedModelField

Limitations

MongoDB imposes some restrictions on encrypted fields:

  • They cannot be indexed.

  • They cannot be part of a unique constraint.

  • They cannot be null.

EncryptedFieldMixin

class EncryptedFieldMixin

Added in version 5.2.3.

A mixin that can be used to create custom encrypted fields with Queryable Encryption.

To create an encrypted field, inherit from EncryptedFieldMixin and your custom field class:

from django.db import models
from django_mongodb_backend.fields import EncryptedFieldMixin
from myapp.fields import MyField


class MyEncryptedField(EncryptedFieldMixin, MyField):
    pass

You can then use your custom encrypted field in a model, specifying the desired query types:

class MyModel(models.Model):
    my_encrypted_field = MyEncryptedField(
        queries={"queryType": "equality"},
    )
    my_encrypted_field_too = MyEncryptedField(
        queries={"queryType": "range"},
    )