Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Encryption] We need to encrypt the data saved to MongoDb #84

Closed
tomassirio opened this issue Oct 8, 2020 · 11 comments
Closed

[Encryption] We need to encrypt the data saved to MongoDb #84

tomassirio opened this issue Oct 8, 2020 · 11 comments
Assignees
Labels

Comments

@tomassirio
Copy link
Owner

Data is private. We need to encrypt the Discord channels, users, and elements added to the list when we are saving them to the Db instance.

A next issue will add a secret key for the Hash function

@aaronzshey
Copy link
Contributor

I can work on this! Can we use bcrypt?

@tomassirio
Copy link
Owner Author

Sure! I'll assign it to you. There's a discord server if you want to join

@aaronzshey
Copy link
Contributor

Awesome! I'll get on it right away.

@aaronzshey
Copy link
Contributor

Which file should I start editing?

@aaronzshey
Copy link
Contributor

Update: I am going to use crypto instead of bcrypt.

@tomassirio
Copy link
Owner Author

Sure, I read the article you gave me and seems pretty readable.

@aaronzshey
Copy link
Contributor

Cool - we can probably merge this with the secret for encryption issue.

@sdanpo
Copy link

sdanpo commented Oct 9, 2020

Hi Tomas,
Another option to encrypt (and still operate over the encrypted data) is to use Kindite.
It is an encryption mechanism which wihtout any code changes completely encrypts the needed fields and allows you to operate on them without any performance hit.

In case you would like to read more https://blog.kindite.com/hubfs/Use%20case%20-%20Hybrid%20B2C%20apps.pdf

@tomassirio
Copy link
Owner Author

I'm going to read it through out the day. If you think this changes are better than the ones proposed by @CarlyRaeJepsenStan, please debate them with him. Btw, since debating through issues is kind of a hassle (even though it's by far more organized) we are disccussing this changes on the official discord server, please come and chat with us

@aaronzshey
Copy link
Contributor

@sdanpo While Kindite looks useful and fast, it seems to be a production/business product - you have to pay, and it seems geared to massive server networks. For our humble uses, I think crypto would work ok.

@aaronzshey
Copy link
Contributor

#108

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants