encrypt user email

compassionprojects · Mar 16, 2024 · 34e9414 · 34e9414
1 parent 5f14c76
commit 34e9414
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 1 deletion.
diff --git a/.env.development.local.template b/.env.development.local.template
@@ -1,14 +1,23 @@
 DATABASE_URL=postgres://localhost:5432/socialchange_development
+
 DOMAIN_NAME=localhost
 [email protected]
+
 SECRET_KEY=
+
 EMAIL_SERVER_HOST=smtp.email-service.com
 EMAIL_SERVER_PORT=465
 [email protected]
 EMAIL_SERVER_PASSWORD=
+
 AWS_ENDPOINT_URL_S3=
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
 AWS_REGION=
 BUCKET_NAME=
+
 BUGSNAG_API_KEY=
+
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -3,6 +3,10 @@
 class User < ApplicationRecord
   include Discard::Model
 
+  # Encrypt email attribute
+  # We use deterministic encryption to allow searching by email (esp when inviting)
+  encrypts :email, deterministic: true, downcase: true
+
   has_and_belongs_to_many :roles
 
   has_many :stories, dependent: :destroy

diff --git a/config/application.rb b/config/application.rb
@@ -19,6 +19,20 @@ class Application < Rails::Application
     # config.time_zone = "Central Time (US & Canada)"
     # config.eager_load_paths << Rails.root.join("extras")
 
+    # Active Record Encryption configuration
+    config.active_record.encryption.primary_key = ENV["ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"]
+    config.active_record.encryption.deterministic_key = ENV["ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"]
+    config.active_record.encryption.key_derivation_salt = ENV["ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"]
+
+    # When true, queries referencing deterministically encrypted attributes
+    # will be modified to include additional values if needed.
+    # https://guides.rubyonrails.org/v7.0/active_record_encryption.html#config-active-record-encryption-extend-queries
+    config.active_record.encryption.extend_queries = true
+
+    # Support unencrypted data to ease migration
+    # @todo - remove this once all data is encrypted and migrated
+    config.active_record.encryption.support_unencrypted_data = true
+
     # https://guides.rubyonrails.org/configuring.html#configuring-i18n
     config.i18n.available_locales = %i[en nl]
     config.i18n.default_locale = :en

diff --git a/db/migrate/20240316113449_encrypt_email_user_attribute.rb b/db/migrate/20240316113449_encrypt_email_user_attribute.rb
@@ -0,0 +1,9 @@
+class EncryptEmailUserAttribute < ActiveRecord::Migration[7.1]
+  def up
+    User.all.find_each { |u| u.encrypt.save }
+  end
+
+  def down
+    User.all.find_each { |u| u.decrypt.save }
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb