Some PSA backends can have very sensitive access tokens. For example, a token can give write access to a user's GitHub repositories. I think that's something that should be given extra protection.
The most reasonable solution, in my opinion, is to encrypt the DB column containing the token. Disk encryption isn't quite the right way to protect this data. Databases are often backed-up or replicated, so protecting sensitive data then requires ensuring everything is encrypted when transmitting to or storing on other machines.
Some cursory searching reveals a couple of handy tools for encrypting fields. https://github.com/defrex/django-encrypted-fields looks like the most promising one.
If people are OK with this, I might play around with hooking it up. I've built similar things before.
Some PSA backends can have very sensitive access tokens. For example, a token can give write access to a user's GitHub repositories. I think that's something that should be given extra protection.
The most reasonable solution, in my opinion, is to encrypt the DB column containing the token. Disk encryption isn't quite the right way to protect this data. Databases are often backed-up or replicated, so protecting sensitive data then requires ensuring everything is encrypted when transmitting to or storing on other machines.
Some cursory searching reveals a couple of handy tools for encrypting fields. https://github.com/defrex/django-encrypted-fields looks like the most promising one.
If people are OK with this, I might play around with hooking it up. I've built similar things before.