DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’»

Cover image for πŸ”How to encrypt variables in NodeJS
Soumya Mondal
Soumya Mondal

Posted on

πŸ”How to encrypt variables in NodeJS

Ever imagined what would happen if someone gets access to your MongoDB account where all your crucial information are stored.

All this comes down to another major issue when you have more than a few users who've submitted their confidential data relying on you.

Need of Encryption πŸ’β€β™‚οΈ

Storing user's data without any encryption at all might not be a good idea.

A good fix to avoid compromising with someone's privacy would be to encryptπŸ”’ data before storing in Database and decryptπŸ”“ data while accessing from the Database.


-> How to Encrypt variables πŸ›‘οΈ

While hash can be a good idea to implement before storing your user submitted variables, that might not work to regain data from the Database.

Again npm packages like 'bcrypt' & 'crypto' can be super useful and complicated at the same time.

Let's see a method that's easy to understand as well as implementable in a flash.


-> Using Keyhasher

Assuming you already have a nodejs project set up, let's first install the npm package using:

npm i keyhasher
Enter fullscreen mode Exit fullscreen mode

Running this in the terminal will install the package.
Let's require the package in the Node project.

const key = require('keyhasher');
Enter fullscreen mode Exit fullscreen mode

Try to keep this at the top of the project file.


--> How Keyhasher Works

Keyhasher has two functions for Encryption and Decryption respectively.

Both the funtions takes in two arguments, the hashable or reverse hashable input and the Passkey πŸ”‘.

Simple example of the functions are given as-

var hashAble = key.hash("Hi", 572);
console.log(`Hashed Phrase: ${hashAble}`)

// Hashed Phrase: X4A=

var rawWord = key.revHash("X4A=", 572);
console.log(`Output: ${rawWord}`)

// Output: Hi
Enter fullscreen mode Exit fullscreen mode

In the hash Function, "Hi" is the text that is being encrypted, while I've used '572' as the PasskeyπŸ”‘ that can be provided either directly to function or by using environment variable.

The function returns a Phrase "X4A=", which can be stored into the database.

With change to the passcode the Encrypted phrase changes. The same password is needed to decrypt the Encrypted phrase.


--> Securing the Passcode

The passcode can be any integer number like 12383473, 3481234, 341343, 8534582, 98, 1236, 894.

A better practice would be to store the passcodeπŸ”‘ in the configuration file.

Create a .env file and store your passkey in the following format.

PASSCODE = "23143341"
Enter fullscreen mode Exit fullscreen mode

After storing the passcode safely, it can be used in the project with following syntax.

var hashAble = key.hash("Hi", process.env.PASSCODE);
console.log(`Hashed Phrase: ${hashAble}`)

// Hashed Phrase: X4A=

var rawWord = key.revHash("X4A=", process.env.PASSCODE);
console.log(`Output: ${rawWord}`)

// Output: Hi
Enter fullscreen mode Exit fullscreen mode

Top comments (0)

Take Your Github Repository To The Next Level

Take Your Github Repository To The Next Level πŸš€οΈ: A step-by-step guide on creating the perfect Github repository.