Data Security/Encryption

I am working on a productivity note-taking app. Notes that users take are stored in a raw-text format for the time being. Are there any techniques I can put into action to prevent people who are not the user with stored information from decrypting their information?

Thanks!

Normally you would keep a record of who each note belongs to, and then use that in your website's views to determine what was visible to each user.

So, for example, if you were using Django, you would have a User model, and each session would have an associated user. Each note would have a foreign key relationship with a User, and in your views you would filter which notes were shown in a particular session by the User associated with that session. That would mean that a user would only be able to see their own stuff.

If that is all pretty new stuff to you, you will be able to find great resources by Googling for the name of your web framework plus "user", "session", and so on. And you'll probably be able to get great explanations from ChatGPT too -- it's very good at that kind of explanation.

Sorry! I think that I explained my question wrong. I have each note associated with a user, but I would like to encrypt their note in a way where I cannot decrypt it, for security.

Do you want to encrypt and decrypt it on the client side?

Yes. I don't want people who have access to my server to be able to read the notes in a raw format.

Then you need to implement some client-side solution. We can't recommend anything out of the box.
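
One way to build the client-side approach this thread arrives at, as an added example that is not part of the original posts: the browser derives a key from a passphrase with WebCrypto and uploads only ciphertext. The function names, the record shape (`id`, `iv`, `ct`), the passphrase-based design and the iteration count are assumptions made for illustration.

```javascript
// Added example: notes encrypted in the client with WebCrypto, so the server
// only ever stores { id, iv, ct } plus a per-user random salt.
// Browsers and recent Node expose WebCrypto as globalThis.crypto; the
// require() fallback only runs on older Node versions.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;

const enc = new TextEncoder();
const dec = new TextDecoder();
const b64 = (buf) =>
  btoa(Array.from(new Uint8Array(buf), (b) => String.fromCharCode(b)).join(''));
const unb64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Derive a non-extractable AES-256-GCM key from the user's passphrase.
// The passphrase and the key never leave the client; the salt is not secret.
async function deriveKey(passphrase, salt, iterations = 600000) {
  const material = await wc.subtle.importKey(
    'raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Encrypt one note. GCM needs a fresh 96-bit IV for every encryption under the
// same key. The note id is bound as additional authenticated data, so a record
// moved to a different id fails to decrypt.
async function encryptNote(key, noteId, plaintext) {
  const iv = wc.getRandomValues(new Uint8Array(12));
  const ct = await wc.subtle.encrypt(
    { name: 'AES-GCM', iv, additionalData: enc.encode(noteId) },
    key, enc.encode(plaintext));
  return { id: noteId, iv: b64(iv), ct: b64(ct) }; // the only data uploaded
}

// Decrypt a record fetched from the server. Rejects (throws) if the key is
// wrong or if the ciphertext, IV or id was modified.
async function decryptNote(key, record) {
  const pt = await wc.subtle.decrypt(
    { name: 'AES-GCM', iv: unb64(record.iv), additionalData: enc.encode(record.id) },
    key, unb64(record.ct));
  return dec.decode(pt);
}
```

With this design a forgotten passphrase makes the notes unrecoverable, and the guarantee holds only as long as the JavaScript the server delivers to the browser is trusted.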