Encrypt Variables securely #8
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
| setCanCreateSecrets(false); | ||
| } | ||
| }) | ||
| }); |
There was a problem hiding this comment.
we can use the fetched key and check if it's null, as it is a nullable field. If the key is null, the button that triggers the key creation will remain enabled. Otherwise, if the key exists, the button will be disabled. This approach allows us to avoid using useEffect.
There was a problem hiding this comment.
Since it's only 2 levels down (page > TFVarDetails > TFVarTable), we can fetch the value of getProjectKey(projectId) and check if it's null. As an alternative, we can return a boolean from a function called isProjectPublicKeyCreated and pass that value as true. Since we are anyway not using the key within the client components and are just checking the boolean value, there's no need to fetch the actual value, and this approach is a bit more secure, I believe.
| import { EnvVar } from '@/types/userTypes'; | ||
| import { constants, publicEncrypt } from 'crypto'; | ||
|
|
||
| export async function encryptSecretWithPublicKey( |
There was a problem hiding this comment.
It would be better if we directly pass the value to this function, as it is the primary basis for this action, rather than fetching it within it.
src/data/admin/env-vars.ts
Outdated
| return encrypted.toString('base64'); | ||
| } | ||
|
|
||
| export async function getProjectPublicKey( |
There was a problem hiding this comment.
If we choose not to fetch from useEffect (mentioned earlier), we already have the organizationId when we fetch the slim project on the parent page. This allows us to refactor the function to getOrganizationPublicKey(organizationId).
merge main into feat/encrypt-variables
Goal
Notes
src/data/admin/env-vars.tsis mostly a copy ofencryption.tswith some functions removed, others renamed