Consistent Encryption with Honeypot Server


00:00 There's one last consideration with our Honeypot server, and that is if we don't have this configured or it's set to undefined as it will be in production, we'll have these fields in here. The interesting thing is that one server could send the form, and then another server could handle the form.

00:18 So if we distribute our app into multiple regions or have multiple instances of our app running, then generating the form with one server and then submitting the form to another server, there will be a problem because this is going to have a different encryption secret for these. So the RemixUtils package will actually

00:37 generate an encryption secret at runtime, at the start time of our application. So this would be a problem. So we need to have a seed for that encryption secret. So that way, it's going to be the same for all of our applications. So we're going to use an environment variable for that. There's not actually a whole lot to this, and also Kelly, the coworker,

00:56 did make a little utility for us to make this a little easier to apply these to all of our apps. But we're not actually going to be directly working with that in this step of the exercise. All that you're going to be focusing on is creating a honeypot secret environment variable and supplying it here so that the secret that's used to

01:16 encrypt our from confirm field is going to be the same, regardless of what server generated the HTML and what server is doing the checking. So, get to it.