Open Archmonger opened 11 months ago
Our use_user_data hook stores user data as unencrypted binary. If the user wants to encrypt certain key/values, this needs to be done manually which is highly inconvenient.
use_user_data
Add built-in encryption support to this hook. This design will be inspired by django-searchable-encrypted-fields.
django-searchable-encrypted-fields
Based on that library, here's a few specifics about the implementation:
settings.py:REACTPY_USER_DATA_ENCRYPTION_KEYS: list
encrypted = models.BooleanField(default=False)
UserDataModel
ComponentSession
manage.py reactpy_upgrade_data_encryption
manage.py check --deploy
Current Situation
Our
use_user_datahook stores user data as unencrypted binary. If the user wants to encrypt certain key/values, this needs to be done manually which is highly inconvenient.Proposed Actions
Add built-in encryption support to this hook. This design will be inspired by
django-searchable-encrypted-fields.Based on that library, here's a few specifics about the implementation:
settings.py:REACTPY_USER_DATA_ENCRYPTION_KEYS: listencrypted = models.BooleanField(default=False)toUserDataModelandComponentSessionmanage.py reactpy_upgrade_data_encryptionmanagement command.manage.py check --deploythat warns if encryption is not enabled.