From aaec940b1ba6975978c7fb0af77bb51f12208b3c Mon Sep 17 00:00:00 2001 From: Ved Prakash <54140516+thorved@users.noreply.github.com> Date: Sun, 5 Oct 2025 05:39:10 +0530 Subject: [PATCH] Adds camelCase support for encrypted field mappings (#342) Extends encrypted field mappings to include camelCase variants to support consistency and compatibility with different naming conventions. Updates reverse mappings for Drizzle ORM to allow conversion between camelCase and snake_case field names. Improves integration with systems using mixed naming styles. --- src/backend/utils/field-crypto.ts | 15 ++++++++++++++- src/backend/utils/lazy-field-encryption.ts | 4 ++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/src/backend/utils/field-crypto.ts b/src/backend/utils/field-crypto.ts index 098b5b8e..2be3935e 100644 --- a/src/backend/utils/field-crypto.ts +++ b/src/backend/utils/field-crypto.ts @@ -17,18 +17,31 @@ class FieldCrypto { private static readonly ENCRYPTED_FIELDS = { users: new Set([ "password_hash", + "passwordHash", "client_secret", + "clientSecret", "totp_secret", + "totpSecret", "totp_backup_codes", + "totpBackupCodes", "oidc_identifier", + "oidcIdentifier", + ]), + ssh_data: new Set([ + "password", + "key", + "key_password", + "keyPassword", ]), - ssh_data: new Set(["password", "key", "key_password"]), ssh_credentials: new Set([ "password", "private_key", + "privateKey", "key_password", + "keyPassword", "key", "public_key", + "publicKey", ]), }; diff --git a/src/backend/utils/lazy-field-encryption.ts b/src/backend/utils/lazy-field-encryption.ts index 8eae9193..06c43d8c 100644 --- a/src/backend/utils/lazy-field-encryption.ts +++ b/src/backend/utils/lazy-field-encryption.ts @@ -6,6 +6,10 @@ export class LazyFieldEncryption { key_password: "keyPassword", private_key: "privateKey", public_key: "publicKey", + // Reverse mappings for Drizzle ORM (camelCase -> snake_case) + keyPassword: "key_password", + privateKey: "private_key", + publicKey: "public_key", }; static isPlaintextField(value: string): boolean {