Friendly.rb - Your friendly European Ruby Conference Execution context
Avo::Services::EncryptionService it's used internally by Avo when is needed to encrypt sensible params.
One example is the select all feature, where we pass the query, encrypted, through params.
How does the Avo::Services::EncryptionService work?
The EncryptionService is an service that can be called anywhere on the app.
Public methods
-> encrypt
Used to encrypt data
-> decrypt
Used to decrypt data
Mandatory arguments:
-> message
Object to be encrypted
-> purpose
A symbol with the purpose of encryption, can be anything, it just need to match when decrypting.
Optional arguments
This service uses ActiveSupport::MessageEncryptor as encryptor so Avo::Services::EncryptionService accepts any argument specified on ActiveSupport::MessageEncryptor documentation
Usage example
Basic text:
secret_encryption = Avo::Services::EncryptionService.encrypt(message: "Secret string", purpose: :demo)
# "x+rnETtClF2cb80PtYzlULnVB0vllf+FvwoqBpPbHWa8q6vlml5eRWrwFMcYrjI6--h2MiT1P5ctTUjwfQ--k2WsIRknFVE53QwXADDDJw=="
Avo::Services::EncryptionService.decrypt(message: secret_encryption, purpose: :demo)
# "Secret string"Objects with custom serializer:
secret_encryption = Avo::Services::EncryptionService.encrypt(message:Course::Link.first, purpose: :demo, serializer: Marshal)
# "1UTtkhu9BDywzz8yl8/7cBZnOoM1wnILDJbT7gP+zz8M/t1Dve4QTFQP5nfHZdYK9KvFDwkizm8DTHyNZdixDtCO/M7yNMlzL8Mry1RQ3AF0qhhTzFeqb5UqyQv/Cuq+NWvQ+GXv3gFckXaNqsFSX5yDccEpRDpyNkYT4MFxOa+8hVR4roebkNKB89lb73anBDTHsTAd37y2LFiv2YaiFguPQ/...
Avo::Services::EncryptionService.decrypt(message: secret_encryption, purpose: :demo, serializer: Marshal)
# #<Course::Link:0x00007fd28dc44c00 id: 1, link: "http://ortiz.com/cher_mohr", course_id: 1, created_at: Thu, 07 Dec 2023 11:05:13.779644000 UTC +00:00, updated_at: Thu, 07 Dec 2023 11:05:13.779644000 UTC +00:00, position: 1>Secret key base
WARNING
Avo::Services::EncryptionService fetches a secret key base to be used on the encrypt / decrypt process. Make sure that you have it defined in any of the following:
ENV["SECRET_KEY_BASE"] || Rails.application.credentials.secret_key_base || Rails.application.secrets.secret_key_base