prisma1 icon indicating copy to clipboard operation
prisma1 copied to clipboard

Published 20 hours ago • verified publisher icon prisma

Optional field encryption

Open mxstbr opened this issue 6 years ago • 6 comments

Describe the feature you'd like

It would be awesome if one could encrypt certain fields (or columns) at the db level automatically. For example:

type User {
  id: ID! @unique
  email: String! @encrypt
}

All emails would now be encrypted with a globally configured key in the database, making it harder for a potential hacker to get the list of emails of our users.

Postgres has a db-level feature that allows this (https://www.postgresql.org/docs/8.1/encryption-options.html), but I don't know about other databases.

Describe alternatives you've considered

  • One could handle this in the application layer, but that's tedious and error-prone. It'd be much nicer if Prisma handled this out of the box

mxstbr avatar Nov 15 '18 08:11 mxstbr

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 10 days if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Jan 08 '19 16:01 stale[bot]

This would be much needed feature to store passwords on the database.

JonnyBGod avatar Jan 27 '19 04:01 JonnyBGod

Ping. We also want this (not for storing passwords in the database though!)

codeincontext avatar Feb 12 '19 20:02 codeincontext

This would work great for handling PII and other compliance stuff.

johhansantana avatar May 16 '19 17:05 johhansantana

i thik its useful

Fabiomad85 avatar May 23 '19 19:05 Fabiomad85

Also interested in this! My use case is that I'm building an API based product and want to store the API keys I issue in the database. Encrypting this data would make it a bit safer in case the database gets leaked.

athyuttamre avatar Oct 21 '21 06:10 athyuttamre