Closed by RobRuana 7 years ago
This looks solid from a code perspective, but from a cryptographic perspective I'm a little skeptical. I don't know enough about how we're integrating with the system or what the plan is... if possible, I'd like to talk about that. That can be after this is merged, though.
Oh yeah, we'd be storing secrets in plain text. Which is Bad (TM).
These are only meaningful for like 24-48 hours or so, so I wasn't too worried about it. I was picturing having to run the export multiple times. If we wanted to preserve the PINs across exports we'd need a script to merge/update the PINs from previous exports.
Maybe that's for the best, though. Probably a good idea to drop the hotel_pin column altogether.
On second thought, I really don't care that much if the hotel PINs are stolen. It just means that for the first 24 hours the thief will be able to register more than one hotel room by using another user's PIN. Which will be pretty easy to uncover by just looking at the hotel reservations.
Saving the hotel_pin in the database is not strictly necessary, but if we ever need to do the export more than once, it lets us easily keep the same PINs.