Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature to Encrypt user email in database #1756 #2587

Closed
wants to merge 14 commits into from
Closed

Feature to Encrypt user email in database #1756 #2587

Show file tree
Hide file tree
Changes from 11 commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
f3af8ed
first
prayanshchh Oct 13, 2024
7583235
email encryption
prayanshchh Oct 13, 2024
3bcb124
conflicts
prayanshchh Oct 17, 2024
a895e95
Merge branch 'develop' into encrypt_email
prayanshchh Oct 18, 2024
cfcb403
added hashedEmails for faster lookups
prayanshchh Oct 20, 2024
5259ac7
Merge branch 'develop' of https://github.com/PalisadoesFoundation/tal…
prayanshchh Oct 20, 2024
908f567
Merge branch 'encrypt_email' of https://github.com/prayanshchh/prayan…
prayanshchh Oct 20, 2024
333ddc1
using crypto for hashing emails
prayanshchh Oct 24, 2024
8799953
tests for hashing and utility function
prayanshchh Oct 27, 2024
a0fba68
coderrabitai suggestion
prayanshchh Oct 29, 2024
7ffee91
suggestions
prayanshchh Oct 29, 2024
7dad60c
last_suggestion
prayanshchh Oct 29, 2024
789069c
fixing tests
prayanshchh Oct 29, 2024
483ac61
new suggestions
prayanshchh Oct 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion .env.sample
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,4 +104,16 @@ MINIO_DATA_DIR=

# this environment variable is for setting the environment variable for Image Upload size

IMAGE_SIZE_LIMIT_KB=3000
IMAGE_SIZE_LIMIT_KB=3000

# This environment variable provides the encryption key for securing user email addresses.
# Format: Base64-encoded 32-byte key
# Generation: Use a cryptographically secure method to generate this key
# WARNING: Keep this value secret and never commit it to version control
ENCRYPTION_KEY=

Comment on lines +113 to +114
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add documentation for ENCRYPTION_KEY.

Since this is a critical security variable used for email encryption, please add documentation comments above the variable that specify:

  • Its purpose (email encryption)
  • Required format (e.g., base64-encoded 32-byte key)
  • Generation instructions
  • Security considerations

Apply this diff:

+# This environment variable provides the encryption key for securing user email addresses.
+# Format: Base64-encoded 32-byte key
+# Generation: Use a cryptographically secure method to generate this key
+# WARNING: Keep this value secret and never commit it to version control
 ENCRYPTION_KEY=
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
ENCRYPTION_KEY=
# This environment variable provides the encryption key for securing user email addresses.
# Format: Base64-encoded 32-byte key
# Generation: Use a cryptographically secure method to generate this key
# WARNING: Keep this value secret and never commit it to version control
ENCRYPTION_KEY=

# This environment variable provides additional entropy for email hashing
# Format: Random string of at least 32 characters
# Generation: Use a cryptographically secure random string generator
# WARNING: Keep this value secret and never commit it to version control
HASH_PEPPER =
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix formatting and add documentation for HASH_PEPPER.

The variable has a trailing space in its name which could cause issues. Additionally, as this is a security-critical variable, it needs proper documentation.

Apply this diff:

-HASH_PEPPER = 
+# This environment variable provides additional entropy for email hashing
+# Format: Random string of at least 32 characters
+# Generation: Use a cryptographically secure random string generator
+# WARNING: Keep this value secret and never commit it to version control
+HASH_PEPPER=
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
HASH_PEPPER =
# This environment variable provides additional entropy for email hashing
# Format: Random string of at least 32 characters
# Generation: Use a cryptographically secure random string generator
# WARNING: Keep this value secret and never commit it to version control
HASH_PEPPER=

Loading