EctoEncryptedId - create encrypted & authenticated resource URLs backed by integer primary keys

I am happy to release my first Elixir library - ecto_encrypted_id.
With this library you can keep using integer primary keys in Postgres, while exposing encrypted and authenticated ids to the outside world. It means that:

  • nobody can guess the real integer id of a resource
  • nobody can access the resource, even if they know the integer version, without having the encrypted version of the id

Unlike using UUIDs as primary keys, this approach is fairly cheap in terms of resources - you are just spending a few CPU cycles of application servers, which easily scale horizontally, unlike database servers.

The library will try to play well with Phoenix, but doesn’t depend on it - you could use the encrypted ids in Plug, or even outside of the web.

To learn more about the library and how to use it, please have a look at the project docs.

Source code

Any feedback is welcome!
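The two properties listed in the post, shown as an added sketch that is not taken from ecto_encrypted_id or its docs: an integer id is sealed with authenticated encryption, and anything that is not a valid token for that resource type is rejected. The module name, the AES-256-GCM choice, the random nonce (so tokens differ on every call) and the `context` binding are assumptions made for illustration.

```elixir
defmodule EncryptedIdSketch do
  # Hypothetical module for illustration only; not the library's implementation.
  @cipher :aes_256_gcm
  @nonce_len 12
  @tag_len 16
  @max_id 0xFFFFFFFFFFFFFFFF

  # `context` (for example "users") is authenticated but not encrypted, so a
  # token minted for one resource type fails verification for another.
  def encode(id, key, context)
      when is_integer(id) and id >= 0 and id <= @max_id and byte_size(key) == 32 do
    nonce = :crypto.strong_rand_bytes(@nonce_len)

    {ct, tag} =
      :crypto.crypto_one_time_aead(@cipher, key, nonce, <<id::unsigned-64>>, context, true)

    Base.url_encode64(nonce <> ct <> tag, padding: false)
  end

  # Returns {:ok, id} only when the token decodes, has the expected length and
  # its authentication tag verifies under this key and context.
  def decode(token, key, context) when is_binary(token) and byte_size(key) == 32 do
    with {:ok,
          <<nonce::binary-size(@nonce_len), ct::binary-size(8), tag::binary-size(@tag_len)>>} <-
           Base.url_decode64(token, padding: false),
         <<id::unsigned-64>> <-
           :crypto.crypto_one_time_aead(@cipher, key, nonce, ct, context, tag, false) do
      {:ok, id}
    else
      _ -> :error
    end
  end
end

# Constructed demo values; a real key would come from application secrets.
key = :crypto.strong_rand_bytes(32)
token = EncryptedIdSketch.encode(42, key, "users")

{:ok, 42} = EncryptedIdSketch.decode(token, key, "users")
# Same token presented for a different resource type.
:error = EncryptedIdSketch.decode(token, key, "orders")
# The raw integer is not a valid token.
:error = EncryptedIdSketch.decode("42", key, "users")
# A different key cannot open or forge tokens.
:error = EncryptedIdSketch.decode(token, :crypto.strong_rand_bytes(32), "users")
```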