feat: add PGP encryption utilities and apply automatic decryption to user schema

Introduced centralized PGP encryption utilities and updated the `users` schema to enable automatic decryption for sensitive fields like `email` and `twoFactorSecret`.
Mathis HERRIOT
2026-01-08 17:13:43 +01:00
parent 399bdab86c
commit 702868dec2
2 changed files with 7 additions and 8 deletions


@@ -8,3 +8,4 @@ export * from "./reports";
export * from "./sessions"; export * from "./sessions";
export * from "./tags"; export * from "./tags";
export * from "./users"; export * from "./users";
export * from "./pgp";


@@ -1,6 +1,6 @@
import { SQL, sql } from "drizzle-orm";
import { import {
boolean, boolean,
customType,
index, index,
pgEnum, pgEnum,
pgTable, pgTable,
@@ -8,13 +8,7 @@ import {
uuid, uuid,
varchar, varchar,
} from "drizzle-orm/pg-core"; } from "drizzle-orm/pg-core";
import { pgpEncrypted, withAutomaticPgpDecrypt } from "./pgp";
// Type personnalisé pour les données chiffrées PGP (stockées en bytea dans Postgres)
const pgpEncrypted = customType<{ data: string; driverData: string }>({
dataType() {
return "bytea";
},
});
export const userStatus = pgEnum("user_status", [ export const userStatus = pgEnum("user_status", [
"active", "active",
@@ -65,5 +59,9 @@ export const users = pgTable(
}), }),
); );
// Application du déchiffrement automatique pour les colonnes PGP
withAutomaticPgpDecrypt(users.email);
withAutomaticPgpDecrypt(users.twoFactorSecret);
export type UserInDb = typeof users.$inferSelect; export type UserInDb = typeof users.$inferSelect;
export type NewUserInDb = typeof users.$inferInsert; export type NewUserInDb = typeof users.$inferInsert;
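Review bot: Registering `withAutomaticPgpDecrypt(users.twoFactorSecret);` at module level in the last hunk appears to make every read of `users` return the plaintext 2FA secret, including queries that only need profile or session data, so the value ends up in any `UserInDb` row that gets logged, cached or serialized. I would keep the automatic path for `email` only and replace the second call with a comment such as `// twoFactorSecret stays encrypted on read; decrypt explicitly in the 2FA verification path`. The helper's implementation in `./pgp` is not shown on this page; if it wraps the column in a SQL decrypt expression, confirm the key is passed as a bound parameter and never appears in logged statement text. The added `import { SQL, sql } from "drizzle-orm";` has no visible use in these hunks and may be droppable, though the rest of the file is outside the diff.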