I've been asked by one of my colleagues to look at security on Umbraco Forms, and Sensitive Data will only take us so far: any field that is set as Sensitive Data is not encrypted in the database, and I'd like it to be.
Could I write some middleware so that when a form is saved and then viewed I can encrypt and decrypt that data on the fly?
Another idea could be to use a custom workflow. This way you can encrypt sensitive form field values before they’re saved to the database, ensuring data protection at rest.
In the Umbraco form you would then select this new workflow. The code below is not fully accurate or tested, but should help you get started.
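
    using System;
    using System.Collections.Generic;
    using System.Threading.Tasks;
    using Umbraco.Forms.Core;
    using Umbraco.Forms.Core.Enums;
    using Umbraco.Forms.Core.Persistence.Dtos;

    public class EncryptFieldWorkflow : WorkflowType
    {
        public override Task<WorkflowExecutionStatus> ExecuteAsync(WorkflowExecutionContext context)
        {
            var fieldAlias = "someFieldNameToEncrypt"; // Replace with your field alias

            // RecordFields is keyed by field id, so find the field by its alias.
            foreach (RecordField field in context.Record.RecordFields.Values)
            {
                if (field.Alias != fieldAlias)
                {
                    continue;
                }

                var originalValue = field.ValuesAsString(false);
                if (!string.IsNullOrEmpty(originalValue))
                {
                    // Replace the submitted value with its encrypted form.
                    var encryptedValue = Encrypt(originalValue);
                    field.Values.Clear();
                    field.Values.Add(encryptedValue);
                }
            }

            return Task.FromResult(WorkflowExecutionStatus.Completed);
        }

        public override List<Exception> ValidateSettings()
        {
            // This workflow has no settings to validate.
            return new List<Exception>();
        }

        private string Encrypt(string plainText)
        {
            // Write your encryption logic here
            throw new NotImplementedException();
        }
    }
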
Remember to register your workflow:

    // Goes in a class that implements IComposer
    public void Compose(IUmbracoBuilder builder)
    {
        builder.WithCollectionBuilder<WorkflowCollectionBuilder>()
            .Add<EncryptFieldWorkflow>();
    }
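
For the `Encrypt` placeholder in the workflow above and the decrypt-on-view step from the question, one option is authenticated encryption with AES-256-GCM. This is an added example, not code from either post or from Umbraco Forms: `FieldCipher` is a hypothetical helper, it assumes .NET 8 or later, and it assumes the 32-byte key is loaded from a secret store kept outside the database.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper (not an Umbraco Forms API): AES-256-GCM for one field value.
public sealed class FieldCipher
{
    private const int NonceSize = 12; // 96-bit nonce, generated fresh for every value
    private const int TagSize = 16;   // 128-bit authentication tag
    private readonly byte[] _key;

    // Assumption: key is 32 random bytes from a secret store, never from the forms database.
    public FieldCipher(byte[] key)
    {
        if (key is null || key.Length != 32)
            throw new ArgumentException("Key must be 32 bytes.", nameof(key));
        _key = key;
    }

    // Returns Base64(nonce || tag || ciphertext). The field alias is bound as
    // associated data, so a value copied into another field fails to decrypt.
    public string Encrypt(string plainText, string fieldAlias)
    {
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceSize);
        byte[] plain = Encoding.UTF8.GetBytes(plainText);
        byte[] cipher = new byte[plain.Length];
        byte[] tag = new byte[TagSize];
        using var aes = new AesGcm(_key, TagSize);
        aes.Encrypt(nonce, plain, cipher, tag, Encoding.UTF8.GetBytes(fieldAlias));
        byte[] packed = new byte[NonceSize + TagSize + cipher.Length];
        nonce.CopyTo(packed, 0);
        tag.CopyTo(packed, NonceSize);
        cipher.CopyTo(packed, NonceSize + TagSize);
        return Convert.ToBase64String(packed);
    }

    // Throws CryptographicException if the value, tag, alias or key does not match.
    public string Decrypt(string stored, string fieldAlias)
    {
        byte[] packed = Convert.FromBase64String(stored);
        if (packed.Length < NonceSize + TagSize)
            throw new CryptographicException("Stored value is too short.");
        byte[] nonce = packed[..NonceSize];
        byte[] tag = packed[NonceSize..(NonceSize + TagSize)];
        byte[] cipher = packed[(NonceSize + TagSize)..];
        byte[] plain = new byte[cipher.Length];
        using var aes = new AesGcm(_key, TagSize);
        aes.Decrypt(nonce, cipher, tag, plain, Encoding.UTF8.GetBytes(fieldAlias));
        return Encoding.UTF8.GetString(plain);
    }
}
```

Whatever code displays the stored entry calls `Decrypt` with the same alias; a failed tag check means the stored value was altered or the wrong key is in use.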