FlowiseAI / Flowise

Drag & drop UI to build your customized LLM flow
https://flowiseai.com
Apache License 2.0
31.7k stars 16.54k forks source link

[FEATURE] Encrypt Messages #3399

Open maximometascript opened 1 month ago

maximometascript commented 1 month ago

Describe the feature you'd like I'd like the option to turn on message encryption so that the database (i.e., MySQL) stores messages in an encrypted manner. This would be to prevent an attack vector where the root database username/password are compromised. Sensitive information could be discussed with a chatbot, and this should not leak out to an attacker.

Additional context While ideally this encryption would be unlocked by information in end user tokens given through an SSO solution such as Keycloak, a master key would still prove useful as a stop gap.

steve7158 commented 2 weeks ago

Hi, @maximometascript , @HenryHengZJ To encrypt the messages can we use the encryption key used for encoding the credential data before storing it in the DB, for toggling we can add a switch in the settings menu. let me know if this works, id like to work on this if its ok.

Screenshot 2024-11-02 at 8 19 15 PM