Initial security fixes (#461)

* Initial sec * Update PII fields * FIX add tests * FIX safely read plaintext data on rake backfill * Update user.rb * FIX tests * encryption_ready? block * Test conditional to encryption on --------- Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
2026-06-02 01:09:01 +00:00 · 2026-01-23 22:05:28 +01:00
parent 71f10c5e4a
commit 696ff0966b
21 changed files with 645 additions and 55 deletions
--- a/app/models/invite_code.rb
+++ b/app/models/invite_code.rb
@@ -1,4 +1,11 @@
 class InviteCode < ApplicationRecord
+  include Encryptable
+
+  # Encrypt token if ActiveRecord encryption is configured
+  if encryption_ready?
+    encrypts :token, deterministic: true, downcase: true
+  end
+
  before_validation :generate_token, on: :create

  class << self