Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add encryption support to use_user_data hook #193

Open
Archmonger opened this issue Oct 1, 2023 · 0 comments
Open

Add encryption support to use_user_data hook #193

Archmonger opened this issue Oct 1, 2023 · 0 comments
Labels
complexity: 2 (medium) priority: 3 (low) type: feature

Comments

@Archmonger
Copy link
Contributor

Archmonger commented Oct 1, 2023
edited
Loading

Current Situation

Our use_user_data hook stores user data as unencrypted binary. If the user wants to encrypt certain key/values, this needs to be done manually which is highly inconvenient.

Proposed Actions

Add built-in encryption support to this hook. This design will be inspired by django-searchable-encrypted-fields.

Based on that library, here's a few specifics about the implementation:

  1. Create settings.py:REACTPY_USER_DATA_ENCRYPTION_KEYS: list
  2. Add encrypted = models.BooleanField(default=False) to UserDataModel and ComponentSession
  3. Add new manage.py reactpy_upgrade_data_encryption management command.
    • Encryption keys are upgraded lazily by default, but this command will be used to manually upgrade all data to the newest encryption key.
  4. Add a check to manage.py check --deploy that warns if encryption is not enabled.
  5. Warn if encryption keys are too short or lack entropy.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
complexity: 2 (medium) priority: 3 (low) type: feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Archmonger