add email encryption and decryption, now newsletter will actually send emails

Tony Qiu · Tony Qiu · commit cd050ad5fce2 · 2025-10-14T18:26:01.000-04:00
diff --git a/backend/.env.example b/backend/.env.example
@@ -0,0 +1,41 @@
+# Django Configuration
+SECRET_KEY=your-secret-key-here
+PRODUCTION=0
+DEBUG=True
+
+# Database Configuration
+# Set USE_SQLITE=1 for local development with SQLite
+USE_SQLITE=1
+
+# PostgreSQL Configuration (for production)
+POSTGRES_DB=postgres
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=your-supabase-password
+POSTGRES_HOST=your-project.supabase.co
+POSTGRES_PORT=6543
+SUPABASE_DB_URL=postgresql://postgres:password@your-project.supabase.co:6543/postgres
+
+# Email Service (Resend)
+RESEND_API_KEY=your-resend-api-key
+RESEND_FROM_EMAIL=onboarding@resend.dev
+
+# OpenAI API
+OPENAI_API_KEY=your-openai-api-key
+
+# AWS S3 Configuration
+AWS_S3_BUCKET_NAME=your-s3-bucket-name
+AWS_DEFAULT_REGION=us-east-2
+
+# Email Encryption
+EMAIL_ENCRYPTION_KEY=32-character-base64-encryption-key
+EMAIL_HASH_KEY=32-character-base64-hash-key
+
+# Instagram Scraping
+USERNAME=your-instagram-username
+PASSWORD=your-instagram-password
+CSRFTOKEN=your-csrf-token
+SESSIONID=your-session-id
+DS_USER_ID=your-ds-user-id
+MID=your-mid
+IG_DID=your-ig-did
+DOC_ID=
diff --git a/backend/apps/newsletter/migrations/0003_add_encrypted_email.py b/backend/apps/newsletter/migrations/0003_add_encrypted_email.py
@@ -0,0 +1,26 @@
+# Generated manually for encrypted email support
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("newsletter", "0002_auto_20251013_0521"),
+    ]
+
+    operations = [
+        # Add the encrypted email field as nullable first
+        migrations.AddField(
+            model_name="newslettersubscriber",
+            name="email_encrypted",
+            field=models.TextField(
+                blank=True, null=True, help_text="Encrypted email address"
+            ),
+        ),
+        # Since we have no existing data, we can make it non-nullable
+        migrations.AlterField(
+            model_name="newslettersubscriber",
+            name="email_encrypted",
+            field=models.TextField(help_text="Encrypted email address"),
+        ),
+    ]
diff --git a/backend/apps/newsletter/models.py b/backend/apps/newsletter/models.py
@@ -3,10 +3,15 @@
 
 from django.db import models
 
+from utils.encryption_utils import email_encryption
+
 
 class NewsletterSubscriber(models.Model):
+    email_encrypted = models.TextField(help_text="Encrypted email address")
     email_hash = models.CharField(
-        max_length=128, unique=True, help_text="SHA-256 hash of the email"
+        max_length=128,
+        unique=True,
+        help_text="SHA-256 hash of the email for uniqueness checks",
     )
     subscribed_at = models.DateTimeField(auto_now_add=True)
     is_active = models.BooleanField(default=True)
@@ -30,7 +35,7 @@ def __str__(self):
 
     @staticmethod
     def hash_email(email):
-        """Create a SHA-256 hash of the email address"""
+        """Create a SHA-256 hash of the email address for uniqueness checks"""
         return hashlib.sha256(email.lower().strip().encode("utf-8")).hexdigest()
 
     @classmethod
@@ -44,10 +49,25 @@ def get_by_email(cls, email):
 
     @classmethod
     def create_subscriber(cls, email):
-        """Create a new subscriber with hashed email"""
+        """Create a new subscriber with encrypted email"""
         email_hash = cls.hash_email(email)
-        return cls.objects.create(email_hash=email_hash, is_active=True)
+        email_encrypted = email_encryption.encrypt_email(email)
+        return cls.objects.create(
+            email_encrypted=email_encrypted, email_hash=email_hash, is_active=True
+        )
+
+    def get_email(self):
+        """Decrypt and return the actual email address"""
+        return email_encryption.decrypt_email(self.email_encrypted)
 
     def get_email_display(self):
         """Return a masked version of the email for display purposes"""
-        return f"***@{self.email_hash[:4]}..."
+        email = self.get_email()
+        if email:
+            # Show first 2 chars and domain
+            local, domain = email.split("@", 1)
+            masked_local = (
+                local[:2] + "*" * (len(local) - 2) if len(local) > 2 else local
+            )
+            return f"{masked_local}@{domain}"
+        return "***@***"
diff --git a/backend/apps/newsletter/views.py b/backend/apps/newsletter/views.py
@@ -51,7 +51,7 @@ def newsletter_subscribe(request):
         from services.email_service import email_service
 
         email_sent = email_service.send_welcome_email(
-            email, str(subscriber.unsubscribe_token)
+            subscriber.get_email(), str(subscriber.unsubscribe_token)
         )
 
         if email_sent:
diff --git a/backend/config/db.sqlite3 b/backend/config/db.sqlite3
diff --git a/backend/requirements.txt b/backend/requirements.txt
@@ -20,6 +20,9 @@ openai
 # Email service
 resend==0.8.0
 
+# Encryption
+cryptography==41.0.7
+
 # AWS S3 for image storage
 boto3==1.34.0
 Pillow>=10.0.0
diff --git a/backend/scripts/send_newsletter.py b/backend/scripts/send_newsletter.py
@@ -49,7 +49,7 @@ def send_to_subscriber(subscriber):
             return False, str(e)
 
     for subscriber in active_subscribers:
-        email_sent, error = send_to_subscriber(subscriber)
+        email_sent, error = send_to_subscriber(subscriber.get_email())
 
         if email_sent:
             success_count += 1
diff --git a/backend/utils/encryption_utils.py b/backend/utils/encryption_utils.py
@@ -0,0 +1,66 @@
+"""
+Encryption utilities for sensitive data like email addresses.
+Uses Fernet (symmetric encryption) for encrypting/decrypting emails.
+"""
+
+import base64
+import hashlib
+import hmac
+import os
+
+from cryptography.fernet import Fernet
+from dotenv import load_dotenv
+
+load_dotenv()
+
+EMAIL_ENCRYPTION_KEY = os.getenv("EMAIL_ENCRYPTION_KEY")
+EMAIL_HASH_KEY = os.getenv("EMAIL_HASH_KEY").encode("utf-8")
+
+
+class EmailEncryption:
+    """Handles encryption and decryption of email addresses."""
+
+    def __init__(self):
+        self.cipher = Fernet(EMAIL_ENCRYPTION_KEY)
+
+    def encrypt_email(self, email):
+        """Encrypt an email address."""
+        if not email:
+            return None
+
+        # Normalize email (lowercase, strip whitespace)
+        normalized_email = email.lower().strip()
+
+        # Encrypt the email
+        encrypted_bytes = self.cipher.encrypt(normalized_email.encode("utf-8"))
+
+        # Return base64 encoded string for database storage
+        return base64.b64encode(encrypted_bytes).decode("utf-8")
+
+    def decrypt_email(self, encrypted_email):
+        """Decrypt an email address."""
+        if not encrypted_email:
+            return None
+
+        try:
+            # Decode from base64
+            encrypted_bytes = base64.b64decode(encrypted_email.encode("utf-8"))
+
+            # Decrypt
+            decrypted_bytes = self.cipher.decrypt(encrypted_bytes)
+
+            # Return as string
+            return decrypted_bytes.decode("utf-8")
+        except Exception as e:
+            print(f"Error decrypting email: {e}")
+            return None
+
+    def create_email_hash(self, email):
+        normalized_email = email.lower().strip()
+        return hmac.new(
+            EMAIL_HASH_KEY, normalized_email.encode("utf-8"), hashlib.sha256
+        ).hexdigest()
+
+
+# Global instance
+email_encryption = EmailEncryption()
diff --git a/frontend/.env.example b/frontend/.env.example
@@ -0,0 +1,2 @@
+# API Configuration
+VITE_API_BASE_URL=http://localhost:8000

Original file line number	Diff line number	Diff line change
`@@ -51,7 +51,7 @@ def newsletter_subscribe(request):`
`51`	`51`	`from services.email_service import email_service`
`52`	`52`
`53`	`53`	`email_sent = email_service.send_welcome_email(`
`54`		`- email, str(subscriber.unsubscribe_token)`
	`54`	`+ subscriber.get_email(), str(subscriber.unsubscribe_token)`
`55`	`55`	`)`
`56`	`56`
`57`	`57`	`if email_sent:`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# API Configuration`
	`2`	`+VITE_API_BASE_URL=http://localhost:8000`