GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → generalpiston → typeorm-encrypted

generalpiston / typeorm-encrypted

Licence: MIT license
Encrypted field for typeorm.

Programming Languages

typescript
32286 projects

Labels

encryptiondatabaseencrypted-storeencryptedtypeormencrypt

Projects that are alternatives of or similar to typeorm-encrypted

libVES.c
VESvault End-to-End Encryption API: Encrypt Everything Without Fear of Losing the Key
Stars: ✭ 28 (-44%)
Mutual labels:  encrypted-store, encrypted
trezorLuks
A wrapper around "cryptsetup" to use a key from a Trezor device instead of a password
Stars: ✭ 20 (-60%)
Mutual labels:  encrypt
sandpass
Password manager for Sandstorm
Stars: ✭ 26 (-48%)
Mutual labels:  encrypted-store
encrypted-smiley-secure-protocol
Node.JS library Encrypted Smiley ® Secure Protocol (eSSP, SSP)
Stars: ✭ 22 (-56%)
Mutual labels:  encrypted
gec
CLI utility for git+gocryptfs in Bash
Stars: ✭ 49 (-2%)
Mutual labels:  encrypted-store
pg-error-enum
TypeScript Enum for Postgres Errors with no runtime dependencies. Also compatible with plain JavaScript.
Stars: ✭ 18 (-64%)
Mutual labels:  typeorm
apollo-instagram-clone
Apollogram | A place where you could share photos, like media, and follow peoples.
Stars: ✭ 24 (-52%)
Mutual labels:  typeorm
safe-typeorm
TypeORM helper library enhancing safety in the compilation level
Stars: ✭ 160 (+220%)
Mutual labels:  typeorm
ng-nest-cnode
Angular 10 Front-End and Nestjs 7 framework Back-End build Fullstack CNode
Stars: ✭ 17 (-66%)
Mutual labels:  typeorm
express-typeorm-rest-boilerplate
Boilerplate code to get started with building RESTful API Services (Express, TypeORM MongoDB stack)
Stars: ✭ 53 (+6%)
Mutual labels:  typeorm
nest-admin
采用nestjs typeorm vue开发的一套权限管理系统
Stars: ✭ 256 (+412%)
Mutual labels:  typeorm
renestql
React, NestJS & GraphQL monorepo boilerplate managed with nx
Stars: ✭ 25 (-50%)
Mutual labels:  typeorm
opentelemetry-ext-js
js extensions for the open-telemetry project
Stars: ✭ 122 (+144%)
Mutual labels:  typeorm
nest-admin
NestJs CRUD for RESTful API使用 nestjs + mysql + typeorm + redis + jwt + swagger 企业中后台管理系统项目RBAC权限管理(细粒度到按钮)、实现单点登录等。
Stars: ✭ 165 (+230%)
Mutual labels:  typeorm
nest-todo
🐱 使用 React.js + Nest.js 实现一个简单的 Todo App。
Stars: ✭ 205 (+310%)
Mutual labels:  typeorm
bash-backup
Simple backup script for GNU/Linux servers
Stars: ✭ 76 (+52%)
Mutual labels:  encrypt
gobarber-api-gostack11
API GoBarber / NodeJS / Express / Typescript / SOLID
Stars: ✭ 39 (-22%)
Mutual labels:  typeorm
common-secure
提供一些加密算法java代码封装 包括 RSA/AES/DES/3DES/MD5/SHA/HmacSHA256
Stars: ✭ 37 (-26%)
Mutual labels:  encrypt
Project01-C-User-Event-Collector
💜🎷 네이버 VIBE 사용자 이벤트 수집기 🎷💜
Stars: ✭ 21 (-58%)
Mutual labels:  typeorm
airbnb-clone
Fullstack airbnb clone made with React/Ts/Nest
Stars: ✭ 37 (-26%)
Mutual labels:  typeorm
View All Similar Projects ➔

typeorm-encrypted

Encrypted field for typeorm.

Installation

npm install --save typeorm-encrypted

Example

This library can invoked in 2 ways: transformers or subscribers. In both of the examples below, the Key and IV vary based on the algorithm. See the node docs for more info.

Transformers (Recommended)

The following example has the field automatically encrypted/decrypted on save/fetch respectively.

import { Entity, Column } from "typeorm";
import { EncryptionTransformer } from "typeorm-encrypted";

@Entity()
class User {
  ...

  @Column({
    type: "varchar",
    nullable: false,
    transformer: new EncryptionTransformer({
      key: 'e41c966f21f9e1577802463f8924e6a3fe3e9751f201304213b2f845d8841d61',
      algorithm: 'aes-256-cbc',
      ivLength: 16,
      iv: 'ff5ac19190424b1d88f9419ef949ae56'
    })
  })
  secret: string;

  ...
}

For JSON fields you can use JSONEncryptionTransformer.

import { Entity, Column } from "typeorm";
import { EncryptionTransformer } from "typeorm-encrypted";

@Entity()
class User {
  ...

  @Column({
    type: "json",
    nullable: false,
    transformer: new JSONEncryptionTransformer({
      key: 'e41c966f21f9e1577802463f8924e6a3fe3e9751f201304213b2f845d8841d61',
      algorithm: 'aes-256-cbc',
      ivLength: 16,
      iv: 'ff5ac19190424b1d88f9419ef949ae56'
    })
  })
  secret: object;

  ...
}

More information about transformers is available in the typeorm docs.

Subscribers

The following example has the field automatically encrypted/decrypted on save/fetch respectively.

import { BaseEntity, Entity, Column, createConnection } from "typeorm";
import { ExtendedColumnOptions, AutoEncryptSubscriber } from "typeorm-encrypted";

@Entity()
class User extends BaseEntity {
  ...

  @Column(<ExtendedColumnOptions>{
    type: "varchar",
    nullable: false,
    encrypt: {
      key: "d85117047fd06d3afa79b6e44ee3a52eb426fc24c3a2e3667732e8da0342b4da",
      algorithm: "aes-256-cbc",
      ivLength: 16
    }
  })
  secret: string;

  ...
}

let connection = createConnection({
  ...
  entities: [ User, ... ],
  subscribers: [ AutoEncryptSubscriber, ... ]
  ...
});

Entities and subscribers can be configured via ormconfig.json and environment variables as well. See the typeorm docs for more details.

How to use a configuration file

The following example is how you can create a config stored in a separate and use it

encryption-config.ts

// it is recommended to not store encryption keys directly in config files, 
// it's better to use an environment variable or to use dotenv in order to load the value
export const MyEncryptionTransformerConfig = {
  key: process.env.ENCRYPTION_KEY,
  algorithm: 'aes-256-cbc',
  ivLength: 16
};

user.entity.ts

import { Entity, Column } from "typeorm";
import { EncryptionTransformer } from "typeorm-encrypted";
import { MyEncryptionTransformerConfig } from './encryption-config.ts'; // path to where you stored your config file

@Entity()
class User {
  // ...

  @Column({
    type: "varchar",
    nullable: false,
    transformer: new EncryptionTransformer(MyEncryptionTransformerConfig)
  })
  secret: string;

  // ...
}

It's possible to customize the config if you need to use a different ivLength or customize other fields, a brief example below

user.entity.ts

class User {
  // same as before, but for the transformer line
  @Column({
    type: "varchar",
    nullable: false,
    transformer: new EncryptionTransformer({...MyEncryptionTransformerConfig, ivLength: 24})
  })
  secret: string;
  // ...
}

FAQ

Why won't complex queries work?

Queries that transform the encrypted column wont work because transformers and subscribers operate outside of the DBMS.

Error: Invalid IV length

The most likely reasons you're receiving this error:

  1. Column definition is wrong. Probably an issue with the key or IV.
  2. There is existing data in your DBMS. In this case, please migrate the data.
  3. Your query cache needs to be cleared. The typeorm query cache can be cleared globally using the typeorm-cli: typeorm cache:clear. For other, more specific, solutions, see the typeorm documentation.

How can an encrypted column be added to a table with data?

Follow these steps to add an encrypted column.

  1. Add a new column (col B) to the table. Configure the column to be encrypted. Remove the transformer from the original column (col A).
  2. Write a script that queries all of the entries in the table. Set the value of col B to col A.
  3. Save all the records.
  4. Rename col A to something else manually.
  5. Rename col B to the original name of col A manually.
  6. Remove the typeorm configuration for col A.
  7. Rename the typeorm configuration for col B to col A's name.
  8. Remove col A (unencrypted column) from the table manually.

Can typeorm-encrypted encrypt the entire database?

No. This library encrypts specific fields in a database.

Popular databases like MySQL and PostgreSQL are capable of data-at-rest and in-flight encryption. Refer to your database manual to figure out how to encrypt the entirety of the database.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].