Right now we are hashing only the mobile number and email address when using Users::identify($type, $value). This lets us identify the user in the database without storing their email and mobile number.
We could refactor Users.php to store "$type:$hashed" always, and retire the "mobile_hashed" and "email_hashed" types completely. This would make the Users::identify function consistent with the scheme used in the "Streams/identify" streams from https://github.com/EGreg/Q/issues/7
If you do this issue, do it in a separate branch and thoroughly test that you didn't break anything, before checking it back in. Note that all existing "mobile_hashed:..." rows would have to be updated to "mobile:..." and "facebook:$uid" rows would have to be updated to "facebook:$hashOfUid" etc. -- you could write a script for that named scripts/Users/0.8.1-Users.mysql.php
Right now we are hashing only the mobile number and email address when using
Users::identify($type, $value)
. This lets us identify the user in the database without storing their email and mobile number.We could refactor
Users.php
to store "$type:$hashed" always, and retire the "mobile_hashed" and "email_hashed" types completely. This would make theUsers::identify
function consistent with the scheme used in the"Streams/identify"
streams from https://github.com/EGreg/Q/issues/7If you do this issue, do it in a separate branch and thoroughly test that you didn't break anything, before checking it back in. Note that all existing "mobile_hashed:..." rows would have to be updated to "mobile:..." and "facebook:$uid" rows would have to be updated to "facebook:$hashOfUid" etc. -- you could write a script for that named
scripts/Users/0.8.1-Users.mysql.php