[英]Best way to store bank account information of users?
What is the best way to safely store bank account information of users in a ruby on rails app? 将用户的银行帐户信息安全存储在Rails应用程序中的最佳方式是什么?
I would like to store the information in a way in which admins can view the full bank info while still being encrypted in the database. 我想以一种管理员可以查看完整银行信息的方式存储信息,同时仍在数据库中对其进行加密。
The point of this is so that I have a quick reference to their bank info in order to wire money to their bank accounts from my own bank website. 这样做的重点是,我可以快速参考他们的银行信息,以便将钱从我自己的银行网站电汇到他们的银行帐户。
Is this a good idea? 这是一个好主意吗?
Any ideas for doing this securely with minimum liability? 有任何想法以最低的责任安全地这样做吗?
Thanks 谢谢
for something like this I like to use the attr_encrypted gem this is really simple to use 对于这样的事情,我喜欢使用attr_encrypted gem,这真的很容易使用
1) add the attr_encrypted to the Gemfile 1)将attr_encrypted添加到Gemfile
gem "attr_encrypted"
2) now in your model you can do something like 2)现在,您可以在模型中执行以下操作
class User
attr_encrypted :bank_account_number, key: 'This is a key that is 256 bits!!'
end
3) now all you need to know is how to get the data out 3)现在您需要知道的是如何获取数据
user = User.new
user.bank_account_number = '123456789'
user.bank_account_number # returns the unencrypted object ie. '123456789'
user.encrypted_bank_account_number # returns the encrypted version of :bank_account_number
I hope that this helps Happy Hacking user.save 我希望这对Happy Hacking user.save有帮助
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.