发表新帖
发表新帖

Rails: storing encrypted data in database

后端 未结
关注
5 902
后悔当初
后悔当初 2020-12-30 06:03

I want to encrypt database because confidential data is being stored. I use mongodb with mongoid. It possible for this kind of database? And what alternatives can you recome

相关标签:
5条回答
  • 无人共我
    2020-12-30 06:42

    I use MongoDB in an app with the Mongoid ruby adapter. Ryan Bates (the demigod of Rails) recently made an outstanding railscast on this very issue http://railscasts.com/episodes/250-authentication-from-scratch.

    I'm using this in a MongoDB app and it works perfectly for encrypting data. His tutorial video is mostly for encrypting passwords, but you can adapt it to any other field value you want.

    I also have used attr_encrypted with much success but I'm not sure if it will work with MongoDB; only used it with ActiveRecord.

    0 讨论(0)
  • 不知归路
    2020-12-30 06:46

    I have gotten attr_encrypted working with Mongo and Mongoid. It takes only a few tweaks.

    Make sure that all of the encrypted_ fields that are automatically created by attr_encrypted are explicitly created in the model. For instance, if you have:

        attr_encrypted :email, :key => 'blah blah blah', :encode => true

    you need to have:

        field :email, :type => String
    field :encrypted_email, :type => String

    Also notice you need to tell it to encode the encrypted string otherwise Mongo will complain loudly.

    Lastly, if you're encrypting a hash, do this:

        field :raw_auth_hash, :type => Hash
    field :encrypted_raw_auth_hash, :type => String

    attr_encrypted :raw_auth_hash, :key => 'blah', :marshal => true, :encode => true
    0 讨论(0)
  • 不知归路
    2020-12-30 06:52

    Try the mongoid-encrypted-fields gem - it is seamless as it handles encryption using mongoize/demongoize methods.

    Just define your field like:

    field :ssn, type: Mongoid::EncryptedString

    Then you can access it like normal, but the data is stored encrypted.

    0 讨论(0)
  • 无人及你
    2020-12-30 06:59

    http://ezcrypto.rubyforge.org/

    Using postgreSQL with the ezcrypto gem atm - works reasonably well although there are limitations in using associations between models with encrypted fields (this maybe down to my inability to find the correct up-to-date fork of this project).

    The encrypted fields are stored in the postgreSQL database as the BYTEA datatype and will usually require for single quotes to be escaped (another issue with the plugin),

    PostgreSQL does also have access to its own encryption / decryption modeul 'pgcrypto' which also returns a BYTEA datatype. Not sure how this would integrate with Rails activerecord and associations between models (probably badly :D).

    0 讨论(0)
  • 粉色の甜心
    2020-12-30 07:00

    I've had a lot of success with the attr_encrypted gem. However, I've only used it with ActiveRecord. I don't know if it works with MongoMapper or Mongoid.

    Regardless of how you implement this, I strongly recommend only encrypting certain fields. Don't encrypt every field in every table. Doing that will make it difficult to use associations, search using LIKE, etc.

    0 讨论(0)
 看不清?
提交回复
热议问题