Open mrapacz opened 7 years ago
I think we could actually use cipher. It would only require importing some env vars in config and the usage in code would be really straightforward.
This will be hard since we cannot override Ecto.Repo's get! etc. There are two possible solutions here:
get!
etc. and call Aion.Repo's functions inside its own but would take care of all the encryption and decryption layers. This would require replacing all of the Aion.Repo usage in code, though.
Type
Enhancement
Current behaviour Right now we're using ids as they are on the frontend side. Moreover, we're storing them as ints and casting them to strings everytime we want to use them.
Expected behaviour We would start using encrypted ids on the frontend side.
Motivation / use case Using integer ids is not convenient because everytime we use them we have to cast them to strings. Even if we decided to store an integer id cast to string it would still not be safe, because anyone using our system could get the idea how much data we have in our db.
It seems that hashids are the best solution, I'm open for your suggestions and comments, though.