crypto for twilio config was not properly implemented

src/lib/server/twilio/index.ts

@@ -0,0 +1,20 @@
+import type { TwilioConfig } from '@prisma/client';
+import { decrypt, encrypt } from '../crypto';
+
+type TwilioCore = Pick<TwilioConfig, 'accountSID' | 'authToken' | 'phoneNumber'>;
+
+export function encryptTwilioConfig({ accountSID, authToken, phoneNumber }: TwilioCore) {
+	return {
+		accountSID: encrypt(accountSID),
+		authToken: encrypt(authToken),
+		phoneNumber: encrypt(phoneNumber),
+	};
+}
+
+export function decryptTwilioConfig({ accountSID, authToken, phoneNumber }: TwilioCore) {
+	return {
+		accountSID: decrypt(accountSID),
+		authToken: decrypt(authToken),
+		phoneNumber: decrypt(phoneNumber),
+	};
+}

src/routes/app/settings/+page.server.ts

@@ -1,6 +1,7 @@
 import { PhoneRegex } from '$lib/regex';
 import { logger } from '$lib/server/logger';
 import { prisma } from '$lib/server/prisma';
+import { encryptTwilioConfig, decryptTwilioConfig } from '$lib/server/twilio';
 import { fail, type Actions } from '@sveltejs/kit';
 import zod from 'zod';
 
@@ -20,8 +21,16 @@ export const load = async (event) => {
 		},
 	});
 
+	if (!configs) {
+		return {};
+	}
+
 	return {
-		configs: configs,
+		configs: {
+			...(configs.twilioConfig && {
+				twilioConfig: decryptTwilioConfig(configs.twilioConfig),
+			}),
+		},
 	};
 };
 
@@ -65,28 +74,32 @@ export const actions = {
 			create: {
 				tenantId: tenantId,
 				twilioConfig: {
-					create: {
+					create: encryptTwilioConfig({
 						accountSID: accountSID,
 						authToken: authToken,
 						phoneNumber: phoneNumber,
-					},
+					}),
 				},
 			},
 			update: {
 				tenantId: tenantId,
 				twilioConfig: {
-					update: {
+					update: encryptTwilioConfig({
 						accountSID: accountSID,
 						authToken: authToken,
 						phoneNumber: phoneNumber,
-					},
+					}),
 				},
 			},
 			select: { twilioConfig: true },
 		});
 
 		return {
-			configs: configs,
+			configs: {
+				...(configs.twilioConfig && {
+					twilioConfig: decryptTwilioConfig(configs.twilioConfig),
+				}),
+			},
 		};
 	},
 } satisfies Actions;

src/routes/app/sms/+page.server.ts

@@ -1,6 +1,7 @@
 import type { Recipient } from '$lib/components/SMS';
 import { logger } from '$lib/server/logger';
 import { prisma } from '$lib/server/prisma/index.js';
+import { decryptTwilioConfig } from '$lib/server/twilio/index.js';
 import { fail, type Actions } from '@sveltejs/kit';
 import twilio from 'twilio';
 import zod from 'zod';
@@ -24,6 +25,8 @@ export const load = async (event) => {
 	const { success, error: validationError } = zod
 		.object({
 			accountSID: zod.string(),
+			authToken: zod.string(),
+			phoneNumber: zod.string(),
 		})
 		.safeParse(configs?.twilioConfig);
 
@@ -84,14 +87,16 @@ export const actions = {
 			return fail(307, { error: 'no_twilio_config' });
 		}
 
-		const client = twilio(config.accountSID, config.authToken);
+		const decryptedConfig = decryptTwilioConfig(config);
+
+		const client = twilio(decryptedConfig.accountSID, decryptedConfig.authToken);
 
 		for (const recipient of recipients) {
 			try {
 				const result = await client.messages.create({
 					to: recipient.phone,
 					body: message,
-					from: config.phoneNumber,
+					from: decryptedConfig.phoneNumber,
 				});
 				logger.debug(result);
 			} catch (e) {