akita icon indicating copy to clipboard operation
akita copied to clipboard
verified publisher icon salesforce

feat(persistState): added encryption configuration for data persistence

Open lucbevilaqua opened this issue 1 year ago • 2 comments

PR Checklist

  • [x] The commit message follows our guidelines: https://github.com/datorama/akita/blob/master/CONTRIBUTING.md#commit
  • [x] Tests for the changes have been added (for bug fixes / features)
  • [ ] Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

[ ] Bugfix
[x] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Build related changes
[ ] CI related changes
[ ] Documentation content changes
[ ] Other... Please describe:

What is the current behavior?

Prior to this change, sensitive data could be stored in the storage without any encryption security. This meant that any data, regardless of its sensitivity, was stored in plain text, making it vulnerable to unauthorized access and potential data breaches

What is the new behavior?

With the new change, sensitive data is now stored securely using encryption. This means that before any data is stored, it is first encrypted using a secure encryption algorithm. This significantly enhances the security of the data, making it much harder for unauthorized individuals to access or decipher the stored data. This is particularly beneficial for sensitive data, as it adds an extra layer of protection against potential data breaches. In addition to the encryption feature, it is strongly recommended to personalize the security key in the project. This key can be obtained from an .env file, GitHub secrets, or other secure sources. Using a personalized security key greatly enhances the security of the encryption. It is not advised to use the default encryption secretKey, as this could potentially weaken the security of the stored data. By using a unique and secure key, you ensure that your encrypted data remains as secure as possible.

Does this PR introduce a breaking change?

[ ] Yes
[x] No

lucbevilaqua avatar Jun 14 '24 05:06 lucbevilaqua

Thanks for the contribution! Before we can merge this, we need @lucbevilaqua to sign the Salesforce Inc. Contributor License Agreement.

salesforce-cla[bot] avatar Jun 14 '24 05:06 salesforce-cla[bot]

fixed @lucbevilaqua

anish avatar Jun 14 '24 06:06 anish