userdashboard/dashboard

Use unique IV when creating encryption/decryption cipher

jlmcdonnell opened this issue · 2 comments

return crypto.createCipheriv('aes-256-ctr', process.env.ENCRYPTION_KEY, new Buffer('vectorvector1234')).update(value, 'utf-8', 'hex')

https://stackoverflow.com/a/51125340

I'm pretty sure this needs to be a fixed salt, but specified by each site instead of leaving a hardcoded value in, because the hashed values of some fields are used as indexes, but I will check into that and fix this tomorrow. Thanks!

Fixed and republished. There was already an ENV variable for the value, ENCRYPTION_SECRET_IV; it just wasn't implemented correctly.
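For readers of this thread, an added example (not code from this repository) contrasts the fixed-IV call quoted in the issue with a random IV per value, and shows a keyed HMAC as one way to keep a deterministic value for indexed fields. The keys are constructed samples, and the function names and the HMAC index design are assumptions made for illustration.

```javascript
const nodeCrypto = require('crypto');

// Constructed sample keys; a real deployment loads its own secrets from the environment.
const ENC_KEY = nodeCrypto.createHash('sha256').update('constructed-demo-key').digest();
const INDEX_KEY = nodeCrypto.createHash('sha256').update('constructed-index-key').digest();
const FIXED_IV = Buffer.from('vectorvector1234'); // the 16-byte value quoted in the issue

// Pattern from the issue: same key and same IV for every value.
function encryptFixedIv(value) {
  const c = nodeCrypto.createCipheriv('aes-256-ctr', ENC_KEY, FIXED_IV);
  return Buffer.concat([c.update(value, 'utf8'), c.final()]);
}

// Hardened form: fresh random IV per value, stored in front of the ciphertext.
function encryptRandomIv(value) {
  const iv = nodeCrypto.randomBytes(16);
  const c = nodeCrypto.createCipheriv('aes-256-ctr', ENC_KEY, iv);
  return Buffer.concat([iv, c.update(value, 'utf8'), c.final()]).toString('hex');
}

function decryptRandomIv(hex) {
  const raw = Buffer.from(hex, 'hex');
  const d = nodeCrypto.createDecipheriv('aes-256-ctr', ENC_KEY, raw.subarray(0, 16));
  return Buffer.concat([d.update(raw.subarray(16)), d.final()]).toString('utf8');
}

// Assumed design for indexed fields: look up by a keyed HMAC, not by the ciphertext.
function blindIndex(value) {
  return nodeCrypto.createHmac('sha256', INDEX_KEY).update(value, 'utf8').digest('hex');
}

function xor(a, b) {
  const n = Math.min(a.length, b.length);
  const out = Buffer.alloc(n);
  for (let i = 0; i < n; i++) out[i] = a[i] ^ b[i];
  return out;
}

// With a fixed IV the CTR keystream repeats, so XOR of two ciphertexts
// equals XOR of the two plaintexts: the key no longer hides their relationship.
function keystreamReused(p1, p2) {
  const cx = xor(encryptFixedIv(p1), encryptFixedIv(p2));
  const px = xor(Buffer.from(p1, 'utf8'), Buffer.from(p2, 'utf8'));
  return cx.equals(px);
}
```

CTR mode provides no integrity protection; an AEAD mode such as `aes-256-gcm` adds it, with the same requirement that the IV never repeats under one key.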