Update: 2026-05-03 21:58:11

app/modules_app/users/index.php

@@ -1,9 +1,10 @@
 <?php
 /**
- * Users List Endpoint
+ * Users List Endpoint (with Decryption)
  */
 
 use App\Core\Database;
+use App\Core\Encryption;
 use App\Middleware\AuthMiddleware;
 
 // 1. Auth Check
@@ -20,4 +21,14 @@ $stmt = $db->prepare("SELECT id, name, email, role, is_active, created_at FROM u
 $stmt->execute();
 $users = $stmt->fetchAll();
 
+// 4. Decrypt sensitive data for the UI
+foreach ($users as &$user) {
+    // Try to decrypt. If it fails (e.g. data was plain text), keep original.
+    $decryptedName = Encryption::decrypt($user['name']);
+    $user['name'] = $decryptedName !== false ? $decryptedName : $user['name'];
+
+    $decryptedEmail = Encryption::decrypt($user['email']);
+    $user['email'] = $decryptedEmail !== false ? $decryptedEmail : $user['email'];
+}
+
 json_success($users);