dansup on Nostr: Adding the ability to edit S3 api key/secret credentials is sketchy and requires ...
Adding the ability to edit S3 api key/secret credentials is sketchy and requires careful consideration.
Before: fetch from cached .env variables
After: fetch from redis cache, if fails fetch from db, if fails fetch from cached .env vars
Now we need to store api keys in the database and hydrate the cache with the values, so I'm encrypting the db values and decrypting them in the redis cache.
Few db columns need this level of security, but I think I got this right 🤔
#pixelfed #security
Before: fetch from cached .env variables
After: fetch from redis cache, if fails fetch from db, if fails fetch from cached .env vars
Now we need to store api keys in the database and hydrate the cache with the values, so I'm encrypting the db values and decrypting them in the redis cache.
Few db columns need this level of security, but I think I got this right 🤔
#pixelfed #security