Closed litchfield closed 6 years ago
My apologies for not responding to your PR earlier. I wanted to write up some documentation on how to migrate existing data before responding. Unfortunately that has not happened yet, so in the interim I will give you the tl;dr version.
When you wrap a field with encrypt()
it will use BinaryField
for the database. This means you can't just simply wrap an existing database column, you need to create a new one and migrate that data into it.
You can now find an example migration in the source converting unencrypted data to encrypted.
We found it awkward to introduce django-cryptography to existing data, so we added a new setting ALLOW_UNENCRYPTED (default False), which allows unencrypted data to be READ (read only), instead of throwing a BadSignature error. When the data gets written it's still encrypted.