-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Store username and barcode in hashed form #24
Comments
I started looking into how to do this a while ago: |
There is one case when we do need plaintext username and barcode: when Adobe uses a temporary token to authenticate as a patron and asks for the human-readable label. We're reevaluating this work in light of this discovery. |
Here are the hashing changes anyway: |
Currently Barcode or username are not required to be encrypted. However, as a best practice, encrypting them in transit and at rest in the DB would be beneficial so we don't have query the ILS repeatedly for a piece of information it is not required to encrypt. |
Given that this was a nice-to-have that actually causes problems for patrons, I'm closing this issue. |
Given the never ending excuse to not release or classification of SimplyE as "High Risk" lets opt to be unimpeachable. |
Given that SimplyE has been released for a while, and this change would still cause problems for patrons, I'm re-closing this issue. |
…ig-dir Mount config dir
We need to be able to look up a Patron record given username and barcode, but (once https://jira.nypl.org/browse/SIM-59 is complete) we never need to display username or barcode unless we just got it fresh from the ILS. This means we can store Patron.username and Patron.barcode in hashed form, eliminating a bit of plaintext PII from our dataset.
Transferred from Jira.
The text was updated successfully, but these errors were encountered: