I created 3 additional columns: _APIkey, _APIsecret, and nonce.
Once the user is connected, he can add an API key to connect my app with an external service.
To safely encode the API secret in my database (and so that even I can't access it), I want to use the password of the user to encrypt it using the sodium package. So in the database, I would then save the encrypted API secret, the API key, and the random nonce that was generated.
My question, therefore, is: how can I save the password of the user in a variable (the input password from the authentication screen) in order to use it to encrypt the API secret?
Later on, I also need the unhashed password to decrypt the API secret.
Thanks in advance.
PS: if the above logic doesn't make sense, please correct me. So far, it's the easiest solution I have found to secure the users API secrets.
Could it be possible to store the password in a session variable like session$userData$pwd, or can't you access the textbox itself to retrieve the entered password?
Hi,
I created 3 additional columns: _APIkey, _APIsecret, and nonce. Once the user is connected, he can add an API key to connect my app with an external service.
To safely encode the API secret in my database (and so that even I can't access it), I want to use the password of the user to encrypt it using the sodium package. So in the database, I would then save the encrypted API secret, the API key, and the random nonce that was generated.
My question, therefore, is: how can I save the password of the user in a variable (the input password from the authentication screen) in order to use it to encrypt the API secret?
Later on, I also need the unhashed password to decrypt the API secret.
Thanks in advance.
PS: if the above logic doesn't make sense, please correct me. So far, it's the easiest solution I have found to secure the users API secrets.