groot/automatisch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Encrypt data column of connections (#105)

Browse Source
This commit is contained in:
Ömer Faruk Aydın
2021-11-28 22:08:35 +01:00
committed by GitHub
parent 69bea588e4
commit f949eca3c4
6 changed files with 44 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/backend/.env-example
View File

@@ -9,3 +9,4 @@ POSTGRES_HOST=localhost
POSTGRES_USERNAME=automatish_development_user POSTGRES_USERNAME=automatish_development_user
POSTGRES_PASSWORD= POSTGRES_PASSWORD=
POSTGRES_ENABLE_SSL=false POSTGRES_ENABLE_SSL=false
ENCRYPTION_KEY=sample-encryption-key

2
packages/backend/package.json
View File

@@ -19,6 +19,7 @@
"axios": "0.24.0", "axios": "0.24.0",
"bcrypt": "^5.0.1", "bcrypt": "^5.0.1",
"cors": "^2.8.5", "cors": "^2.8.5",
"crypto-js": "^4.1.1",
"debug": "~2.6.9", "debug": "~2.6.9",
"discord.js": "13.2.0", "discord.js": "13.2.0",
"dotenv": "^10.0.0", "dotenv": "^10.0.0",
@@ -63,6 +64,7 @@
"devDependencies": { "devDependencies": {
"@types/bcrypt": "^5.0.0", "@types/bcrypt": "^5.0.0",
"@types/cors": "^2.8.12", "@types/cors": "^2.8.12",
"@types/crypto-js": "^4.0.2",
"@types/express": "^4.17.13", "@types/express": "^4.17.13",
"@types/http-errors": "^1.8.1", "@types/http-errors": "^1.8.1",
"@types/morgan": "^1.9.3", "@types/morgan": "^1.9.3",

4
packages/backend/src/config/app.ts
View File

@@ -13,7 +13,8 @@ type AppConfig = {
postgresUsername: string, postgresUsername: string,
postgresPassword: string, postgresPassword: string,
postgresEnableSsl: boolean, postgresEnableSsl: boolean,
baseUrl?: string baseUrl?: string,
encryptionKey: string
} }
const appConfig: AppConfig = { const appConfig: AppConfig = {
@@ -28,6 +29,7 @@ const appConfig: AppConfig = {
postgresUsername: process.env.POSTGRES_USERNAME || 'automatish_development_user', postgresUsername: process.env.POSTGRES_USERNAME || 'automatish_development_user',
postgresPassword: process.env.POSTGRES_PASSWORD, postgresPassword: process.env.POSTGRES_PASSWORD,
postgresEnableSsl: process.env.POSTGRES_ENABLE_SSL === 'true' ? true : false, postgresEnableSsl: process.env.POSTGRES_ENABLE_SSL === 'true' ? true : false,
encryptionKey: process.env.ENCRYPTION_KEY
} }
const baseUrl = `${appConfig.protocol}://${appConfig.host}:${appConfig.port}`; const baseUrl = `${appConfig.protocol}://${appConfig.host}:${appConfig.port}`;

1
packages/backend/src/graphql/queries/test-connection.ts
View File

@@ -19,6 +19,7 @@ const testConnectionResolver = async (params: Params, req: RequestWithCurrentUse
const isStillVerified = await appInstance.authenticationClient.isStillVerified(); const isStillVerified = await appInstance.authenticationClient.isStillVerified();
connection = await connection.$query().patchAndFetch({ connection = await connection.$query().patchAndFetch({
data: connection.data,
verified: isStillVerified verified: isStillVerified
}) })

27
packages/backend/src/models/connection.ts
View File

@@ -1,5 +1,8 @@
import { QueryContext, ModelOptions } from 'objection';
import { AES, enc } from 'crypto-js';
import Base from './base' import Base from './base'
import User from './user' import User from './user'
import appConfig from '../config/app';
class Connection extends Base { class Connection extends Base {
id!: number id!: number
@@ -34,6 +37,30 @@ class Connection extends Base {
}, },
} }
}) })
encryptData() {
this.data = AES.encrypt(JSON.stringify(this.data), appConfig.encryptionKey).toString();
}
decryptData() {
this.data = JSON.parse(AES.decrypt(this.data, appConfig.encryptionKey).toString(enc.Utf8));
}
// TODO: Make another abstraction like beforeSave instead of using
// beforeInsert and beforeUpdate separately for the same operation.
async $beforeInsert(queryContext: QueryContext) {
await super.$beforeInsert(queryContext);
this.encryptData();
}
async $beforeUpdate(opt: ModelOptions, queryContext: QueryContext) {
await super.$beforeUpdate(opt, queryContext);
this.encryptData();
}
async $afterFind(queryContext: QueryContext) {
this.decryptData();
}
} }
export default Connection; export default Connection;

10
yarn.lock
View File

@@ -3067,6 +3067,11 @@
resolved "https://registry.yarnpkg.com/@types/cors/-/cors-2.8.12.tgz#6b2c510a7ad7039e98e7b8d3d6598f4359e5c080" resolved "https://registry.yarnpkg.com/@types/cors/-/cors-2.8.12.tgz#6b2c510a7ad7039e98e7b8d3d6598f4359e5c080"
integrity sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw== integrity sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw==
"@types/crypto-js@^4.0.2":
version "4.0.2"
resolved "https://registry.yarnpkg.com/@types/crypto-js/-/crypto-js-4.0.2.tgz#4524325a175bf819fec6e42560c389ce1fb92c97"
integrity sha512-sCVniU+h3GcGqxOmng11BRvf9TfN9yIs8KKjB8C8d75W69cpTfZG80gau9yTx5SxF3gvHGbJhdESzzvnjtf3Og==
"@types/eslint@^7.2.6": "@types/eslint@^7.2.6":
version "7.28.1" version "7.28.1"
resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-7.28.1.tgz#50b07747f1f84c2ba8cd394cf0fe0ba07afce320" resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-7.28.1.tgz#50b07747f1f84c2ba8cd394cf0fe0ba07afce320"
@@ -5884,6 +5889,11 @@ crypto-browserify@^3.11.0:
randombytes "^2.0.0" randombytes "^2.0.0"
randomfill "^1.0.3" randomfill "^1.0.3"
crypto-js@^4.1.1:
version "4.1.1"
resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
crypto-random-string@^1.0.0: crypto-random-string@^1.0.0:
version "1.0.0" version "1.0.0"
resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-1.0.0.tgz#a230f64f568310e1498009940790ec99545bca7e" resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-1.0.0.tgz#a230f64f568310e1498009940790ec99545bca7e"