additional_fields column in postgres credentials table - storing plaintext username/clientID

orbitalci / orbital

Orbital is a self-hosted CI system for solo/small consulting dev teams. Written in Rust.

GNU General Public License v3.0

29 stars 2 forks source link

additional_fields column in postgres credentials table - storing plaintext username/clientID #205

Closed tjtelan closed 4 years ago

tjtelan commented 5 years ago

We should consider usernames / clientID to be sensitive. If we're going to be storing them in the DB, we must at least have some obfuscation process (hash+salt).