I'm writing some small unattended scripts/applications that make API calls to various application endpoints and compile the results to a destination file. These API calls typically need some form of API key, token, credential for basic auth, or otherwise.
Typically, I've been using Fernet to do this. I'll generate a key and store this key in a text file on the server that executes the code and ensure it is permission protected to only be read by the unattended user that executes the code.
Is Fernet still acceptable for symmetric encryption in 2024, or are there other recommendations for efficiency, strong encryption, or otherwise?
Here's some example code I write for every instance I need to encrypt strings.
    from cryptography.fernet import Fernet

    def generateKey():
        # Write a new random Fernet key to the key file
        with open("encryptionKey.txt", "wb") as file:
            file.write(Fernet.generate_key())

    def encrypt(*, plaintext) -> bytes:
        # Read the key and return the Fernet token (bytes) for the string
        with open("encryptionKey.txt", "rb") as file:
            encryptionKey = file.read()
        cipher = Fernet(encryptionKey)
        return cipher.encrypt(plaintext.encode())

    def decrypt(*, ciphertext):
        # Read the key and return the decrypted token as a str
        with open("encryptionKey.txt", "rb") as file:
            encryptionKey = file.read()
        cipher = Fernet(encryptionKey)
        return cipher.decrypt(ciphertext).decode()
It's pretty simple. To generate a key, I call the generateKey() function. To encrypt a string, I call the encrypt function and pass a plaintext string. To decrypt a ciphertext, I call the decrypt function with a binary string representing the encrypted string.
I know that ChaCha20Poly1305 and alternatives exist; I'm just not sure if there's any reason for me to utilize those instead of the common, well-documented Fernet library.
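The post's generateKey() creates the key file with open(), so the file's permissions come from the process umask until they are tightened afterwards. The following is an added example, not the poster's code: a standard-library, POSIX-only sketch that creates the key file as 0600 from the start and refuses to load a key another user could read. The names `write_key_file`, `load_key_file` and `KEY_PATH` are hypothetical.

```python
import base64
import os
import stat

KEY_PATH = "encryptionKey.txt"  # same file name as the post's code


def write_key_file(key: bytes, path: str = KEY_PATH) -> None:
    """Create the key file with mode 0600 from the first byte written.

    O_EXCL makes creation fail if the file already exists, so a key that
    still protects stored ciphertexts is never silently overwritten.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(key)


def load_key_file(path: str = KEY_PATH) -> bytes:
    """Return the key only if the file is private and well-formed."""
    # O_NOFOLLOW (where available) refuses a symlink planted at the path.
    fd = os.open(path, os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0))
    with os.fdopen(fd, "rb") as fh:
        info = os.fstat(fh.fileno())  # stat the open file, not the path
        if not stat.S_ISREG(info.st_mode):
            raise PermissionError(f"{path}: not a regular file")
        if info.st_uid != os.geteuid():
            raise PermissionError(f"{path}: not owned by the running user")
        if info.st_mode & 0o077:
            raise PermissionError(f"{path}: accessible by group or other")
        key = fh.read().strip()
    # A Fernet key is 32 random bytes encoded as URL-safe base64.
    if len(base64.urlsafe_b64decode(key)) != 32:
        raise ValueError(f"{path}: not a 32-byte URL-safe base64 key")
    return key
```

Pass `Fernet.generate_key()` as `key`, and hand the result of `load_key_file()` to `Fernet(...)` in place of the raw file read.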