Brian Mr wrote:
Pål Bergström wrote:
I'm using a Crypto.encrypt("string") to create a record for a column and
Crypto.decrypt(column) when reading and presenting it in the browser. I
do this in the controller. Can I do it in the model instead?
Yes. You can create a custom attribute for the unencypted version,
which will exist in memory and not be persisted. You can then use a
Callback to encrypt and set the persisted column before an
insert/update. Look at examples of authentication plugins and blog
posts and you'll see how it's done.
Also, don't forget to filter the parameter in the controller (e.g.
filter_parameter_loggoing :password) so the form posted parameter is not
logged in clear text, assuming you're accepting if from a form that is.
I got it working with before_save in the model, encrypting the data
before it goes to the db. Great.
But what about before show or listing records? How can I make a similar
decrypt? Don't understand what to use.