Summary
We need to decide and document how DevCard stores OAuth refresh tokens securely on the backend. This is foundational for the in-app connect feature (GitHub follow, future LinkedIn/Twitter actions) described in the architecture doc, and we want community input before locking in the approach.
Contexts
Per the product architecture, DevCard never stores passwords, only OAuth tokens issued by platforms (GitHub, LinkedIn, etc). These tokens need to be encrypted at rest, scoped per platform, revocable by the user at any time, and never exposed to client apps.
This issue is open for discussion. We want proposals on:
- Encryption strategy (e.g. AES-256 at the application layer vs database-level encryption vs a dedicated secrets manager)
- Where encryption keys themselves are managed (env-based KMS, cloud provider KMS, self-hosted vault)
- Token refresh flow: how we detect expiry and silently refresh without forcing re-auth
- Schema design: how tokens map to users and platforms in PostgreSQL
- Revocation flow: what happens end to end when a user disables in-app connect for a platform
Open a comment with your proposal, or open a draft PR if you want to demonstrate an approach. We'll discuss in the weekly call and the best proposal gets priority assignment to implement it, including any related sub-tasks the proposer identifies.
Tasks
Acceptance Criteria
Area
backend
Difficulty
Hard (discussion + design phase, implementation will be split into follow-up issues)
Summary
We need to decide and document how DevCard stores OAuth refresh tokens securely on the backend. This is foundational for the in-app connect feature (GitHub follow, future LinkedIn/Twitter actions) described in the architecture doc, and we want community input before locking in the approach.
Contexts
Per the product architecture, DevCard never stores passwords, only OAuth tokens issued by platforms (GitHub, LinkedIn, etc). These tokens need to be encrypted at rest, scoped per platform, revocable by the user at any time, and never exposed to client apps.
This issue is open for discussion. We want proposals on:
Open a comment with your proposal, or open a draft PR if you want to demonstrate an approach. We'll discuss in the weekly call and the best proposal gets priority assignment to implement it, including any related sub-tasks the proposer identifies.
Tasks
/docs/architecture/token-storage.mdAcceptance Criteria
Area
backendDifficulty
Hard (discussion + design phase, implementation will be split into follow-up issues)