Skip to content
This repository has been archived by the owner on Oct 21, 2024. It is now read-only.

Encrypt GitHub Access Tokens #184

Open
4 tasks
alysivji opened this issue Jun 26, 2019 · 0 comments
Open
4 tasks

Encrypt GitHub Access Tokens #184

alysivji opened this issue Jun 26, 2019 · 0 comments
Labels

Comments

@alysivji
Copy link
Member

As a developer, I want to secure bearer tokens stored in our database.

During the GitHub OAuth flow, we get bearer tokens from GitHub. These are saved in the database, but not encrypted. We don't use these tokens and only use GitHub to verify identity. There really isn't a risk here, but wanted to make a ticket to get it on the backlog.

Workflow

  • create new field with EncryptedType
  • write scriptt to run thru records and convert
  • delete old field and rename new field
  • have a script run to enter a record into the database, if one does not exist
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

1 participant