Protect sensitive data

lobehub/lobe-chat
Based on 3 comments
TypeScript

Reviewer Prompt

Always identify and properly protect sensitive data fields in your code. Sensitive information includes IP addresses, API keys, authentication tokens, personal identification data, and high-privilege credentials.

Key practices:

  • Remove unnecessary sensitive fields from storage (like IP addresses in usage records)
  • Encrypt sensitive user data before database storage (API keys, tokens)
  • Be aware of sensitive data in external payloads (webhooks, API responses)
  • Avoid storing high-privilege credentials like accessKey/accessSecret in plaintext
  • Treat personal data (ID cards, phone numbers) as highly confidential

Example of proper sensitive data handling:

import { pgTable, text } from 'drizzle-orm/pg-core';

// Bad: Storing IP address unnecessarily
export const usageRecords = pgTable('usage_records', {
  ipAddress: text('ip_address'), // Remove this sensitive field
});

// Good: Encrypt sensitive user data
// `encrypt` stands for the project's key-vault encryption helper and `userKeyVaults`
// for the plaintext vault object; neither is defined in this snippet.
const encryptedKeyVaults = encrypt(userKeyVaults); // Encrypt API keys before storage

// Good: Be cautious with webhook data containing sensitive fields
const parsed = JSON.parse(payloadString) as CasdoorWebhookPayload;
// Be aware this may contain accessKey, accessSecret, idCard, etc.
// Drop or redact those fields before the payload is logged or persisted.

Always ask: “Does this field contain sensitive information?” and “How can I minimize exposure while maintaining functionality?”
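The two "good" practices above, minimizing an external payload before storage and encrypting a key vault before it hits the database, as an added example that is not lobe-chat's own code. It assumes a hypothetical SENSITIVE_KEYS list, AES-256-GCM with a key supplied by a secrets manager, and a constructed sample webhook payload.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from 'node:crypto';

// Fields that must never reach logs or plaintext storage (hypothetical list for this example).
const SENSITIVE_KEYS = new Set(['accessKey', 'accessSecret', 'idCard', 'phone', 'ipAddress']);

// Recursively drop sensitive fields from an external payload (e.g. a Casdoor webhook)
// before it is persisted or logged. Returns a new value; the input is not mutated.
export function minimizePayload<T>(value: T): T {
  if (Array.isArray(value)) return value.map((v) => minimizePayload(v)) as unknown as T;
  if (value === null || typeof value !== 'object') return value;
  const out: Record<string, unknown> = {};
  for (const [k, v] of Object.entries(value as Record<string, unknown>)) {
    if (!SENSITIVE_KEYS.has(k)) out[k] = minimizePayload(v);
  }
  return out as T;
}

// Encrypt a key-vault object with AES-256-GCM before it is written to the database.
// Stored format: base64(iv).base64(authTag).base64(ciphertext). The 32-byte key is assumed
// to come from a secrets manager, never from the same database as the vault.
export function encryptKeyVaults(vault: Record<string, string>, key: Buffer): string {
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(JSON.stringify(vault), 'utf8'), cipher.final()]);
  return [iv, cipher.getAuthTag(), ciphertext].map((b) => b.toString('base64')).join('.');
}

export function decryptKeyVaults(blob: string, key: Buffer): Record<string, string> {
  const [iv, tag, ciphertext] = blob.split('.').map((s) => Buffer.from(s, 'base64'));
  const decipher = createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag); // a tampered blob or a wrong key makes final() throw
  return JSON.parse(Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8'));
}

// Constructed sample webhook payload (not a real Casdoor message) for a stand-alone run.
export const sampleWebhook = {
  action: 'signup',
  user: { id: 'u_123', name: 'alice', idCard: '000000000000000000', phone: '+10000000000' },
  accessKey: 'AK-EXAMPLE',
  accessSecret: 'SK-EXAMPLE',
};

export function demo(): { stored: unknown; roundTrip: Record<string, string> } {
  const key = randomBytes(32); // stand-in for a key loaded from the secrets manager
  const stored = minimizePayload(sampleWebhook); // safe to log or persist
  const roundTrip = decryptKeyVaults(encryptKeyVaults({ openai: 'sk-example' }, key), key);
  return { stored, roundTrip };
}
```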
