Skip to content

Add encryption support to use_user_data hook #193

New issue
New issue
Open
Feature
Open
Add encryption support to use_user_data hook#193
Feature
Labels
complexity: 2 (medium)priority: 3 (low)
@Archmonger

Description

@Archmonger
Archmonger
opened on Oct 1, 2023

Current Situation

Our use_user_data hook stores user data as unencrypted binary. If the user wants to encrypt certain key/values, this needs to be done manually which is highly inconvenient.

Proposed Actions

Add built-in encryption support to this hook. This design will be inspired by django-searchable-encrypted-fields.

Based on that library, here's a few specifics about the implementation:

  1. Create settings.py:REACTPY_USER_DATA_ENCRYPTION_KEYS: list
  2. Add encrypted = models.BooleanField(default=False) to UserDataModel and ComponentSession
  3. Add new manage.py reactpy_upgrade_data_encryption management command.
    • Encryption keys are upgraded lazily by default, but this command will be used to manually upgrade all data to the newest encryption key.
  4. Add a check to manage.py check --deploy that warns if encryption is not enabled.
  5. Warn if encryption keys are too short or lack entropy.

Metadata

Metadata

Assignees

No one assigned

    Labels

    complexity: 2 (medium)priority: 3 (low)

    Type

    Feature

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions