Store property values encrypted #1260

Closed
bajtos opened this issue Mar 31, 2015 · 5 comments

@bajtos
Member

bajtos commented Mar 31, 2015

We should provide an easy way to encrypt property values on "save" and decrypt them on "load". At the moment, users have to implement operation hooks as a workaround.

Optionally, we can provide support for one-way encryption too, think of User.password.

loopbackio/loopback-datasource-juggler#441

> The reason is: I need to encrypt/decrypt data in database.
> So basically before save I can encrypt data with the key.
> But I can't decrypt data after find.
> I've tried with getter/setter but it doesn't work.

#1226

> I need to manipulate data after it is validated?
> For example, after all my fields are validated I'd like to encrypt some of them and persist into datastore.

@bajtos
Member Author

bajtos commented Apr 1, 2015

One of many possible implementations:

```json
{
  "name": "MyModel",
  "properties": {
    "name": { "type": "string", "encrypted": true }
  }
}
```

```js
module.exports = function(MyModel) {
  MyModel._encryptPropertyValue = function(propertyName, value, cb) {
    // custom encryption algorithm goes here; it produces encryptedPropertyValue
    cb(null, encryptedPropertyValue);
  };

  MyModel._decryptPropertyValue = function(propertyName, encryptedValue, cb) {
    // custom decryption algorithm goes here; it produces value
    cb(null, value);
  };
};
```

@fabien
Contributor

fabien commented Apr 1, 2015

As pointed out here #1226 (comment) I think we should aim for an Encrypt mixin. Suggestion:

```js
Model.mixin('Encrypt'); // will check property definitions for encrypted: true
```

The above will use Model.encryptAttribute(attr, data, options, cb); which will have a default implementation (once you run the mixin), which you can then override (in boot/ ... for example).

```js
Model.mixin('Encrypt', { properties: ['data'], encrypt: function(attr, data, options, cb) { ... }, decrypt: ... });
```

Use the given properties; when an encrypt function is given, define Model.encryptAttribute with it.

@jmls

jmls commented Jul 30, 2015

Has there been any more work on this?

@bajtos
Member Author

bajtos commented Aug 5, 2015

@jmls loopbackio/loopback-datasource-juggler#599 added the "loaded" hook and loopbackio/loopback-datasource-juggler#586 added the "persist" hook. These two new hooks should allow you to implement encryption yourself. We don't have higher-level support (like a mixin outlined above) yet.

@ritch ritch added the stale label Nov 18, 2016
@ritch ritch closed this as completed Dec 6, 2016
@bajtos
Member Author

bajtos commented Dec 7, 2016

Let me add more context for anybody who may come across this closed issue: I personally agree with @fabien that encrypted properties can and thus should be implemented as a mixin. Additionally, I think it's best to keep this mixin outside of loopback core, to allow independent versioning and easier maintenance.

If it turns out that the two hooks "loaded" and "persist" are not enough to support property encryption/decryption, then please open a new issue describing what is needed from LoopBack core to support this feature.
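
The approach described in the thread, implementing property encryption yourself with the "persist" and "loaded" hooks, as an added example that is not code from this issue or from LoopBack. It assumes both hooks expose the raw record as `ctx.data`, uses AES-256-GCM from Node's `crypto` module as the chosen cipher, and the helper names (`encryptValue`, `decryptValue`, `attachEncryption`, `makeStubModel`) are hypothetical; the stub model is constructed so the block runs without LoopBack.

```javascript
// Added example (not LoopBack code): AES-256-GCM property encryption wired
// into the "persist" and "loaded" operation hooks.
const crypto = require('crypto');

// Encrypt one string value; output is "iv.tag.ciphertext", each part base64.
function encryptValue(key, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce per value, never reused
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(String(plaintext), 'utf8'), cipher.final()]);
  return [iv, cipher.getAuthTag(), ct].map((b) => b.toString('base64')).join('.');
}

// Decrypt; throws if the stored value was modified (GCM tag mismatch).
function decryptValue(key, stored) {
  const [iv, tag, ct] = stored.split('.').map((s) => Buffer.from(s, 'base64'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Register both hooks on a model. Assumes ctx.data carries the raw record.
function attachEncryption(Model, properties, key) {
  const transform = (fn) => (ctx, next) => {
    try {
      for (const p of properties) {
        if (ctx.data && typeof ctx.data[p] === 'string') ctx.data[p] = fn(key, ctx.data[p]);
      }
      next();
    } catch (err) {
      next(err); // surface tampering or a wrong key instead of returning garbage
    }
  };
  Model.observe('persist', transform(encryptValue));
  Model.observe('loaded', transform(decryptValue));
}

// Constructed stand-in for a model so the example runs without LoopBack.
function makeStubModel() {
  const hooks = {};
  return {
    observe: (name, fn) => { hooks[name] = fn; },
    run: (name, data) => {
      let error = null;
      hooks[name]({ data }, (err) => { error = err || null; });
      return { data, error };
    },
  };
}
```

In a real application the 32-byte key would come from a secret store or environment configuration rather than the model source, and values written before the hooks were attached fail decryption with an error rather than being returned as plaintext.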
