Storing only hashed email
-
Hey,
For privacy reasons, I want to only store the hashed-salted version of a user's email (in favor of restoring the user's password for example).
It seems one way to go about this is to hook to action:user.email.confirmed and there generate a salt, created hashed email, store hashed email and salt and remove the non-hashed email from the db.
Then I would also need to also hook somewhere in the forgot email logic.
This would also require disabling email editing for the user of course.The downsides of the above are:
- The email is kept in the db during confirmation stage.
- Its a bit wasteful to write the non hashed email and then delete it and write the hashed one.
I'm new to NodeBB (and web development in general), and would appreciate any pointers.
Thanks!
-
How would password resets be done?
-
Ah good point. What about users who don't confirm their email?
-
N Nir S marked this topic as a question on
-
You could instead only keep the email around until the validation email is sent, then replace it with the hash.
-
Thanks!
I guess I can hook to action:user.email.confirmed for reading the existing email and then replacing it with a hashed version.
However, password reset wouldn't work since it wouldn't find the uid for the (non hashed) email address provided (here).
We can add a hook for preprocessing the email before looking for the uid, but that won't be enough since later the email is sent according to the email field in the db (i.e. not the email provided by the user when asking to reset).
One possible solution is:
- Add a hook for preprocessing the email used for getting the uid.
- Pass the provided email in params to emailer.send (here) like it's done for welcome and email verification.
- And here instead of checking that for the template check if params.email is defined.
Does that make sense?
-
