DEV Community

Cover image for ๐Ÿ”How to encrypt variables in NodeJS
Soumya Mondal
Soumya Mondal

Posted on

2 2

๐Ÿ”How to encrypt variables in NodeJS

Ever imagined what would happen if someone gets access to your MongoDB account where all your crucial information are stored.

All this comes down to another major issue when you have more than a few users who've submitted their confidential data relying on you.

Need of Encryption ๐Ÿ’โ€โ™‚๏ธ

Storing user's data without any encryption at all might not be a good idea.

A good fix to avoid compromising with someone's privacy would be to encrypt๐Ÿ”’ data before storing in Database and decrypt๐Ÿ”“ data while accessing from the Database.


-> How to Encrypt variables ๐Ÿ›ก๏ธ

While hash can be a good idea to implement before storing your user submitted variables, that might not work to regain data from the Database.

Again npm packages like 'bcrypt' & 'crypto' can be super useful and complicated at the same time.

Let's see a method that's easy to understand as well as implementable in a flash.


-> Using Keyhasher

Assuming you already have a nodejs project set up, let's first install the npm package using:

npm i keyhasher
Enter fullscreen mode Exit fullscreen mode

Running this in the terminal will install the package.
Let's require the package in the Node project.

const key = require('keyhasher');
Enter fullscreen mode Exit fullscreen mode

Try to keep this at the top of the project file.


--> How Keyhasher Works

Keyhasher has two functions for Encryption and Decryption respectively.

Both the funtions takes in two arguments, the hashable or reverse hashable input and the Passkey ๐Ÿ”‘.

Simple example of the functions are given as-

var hashAble = key.hash("Hi", 572);
console.log(`Hashed Phrase: ${hashAble}`)

// Hashed Phrase: X4A=

var rawWord = key.revHash("X4A=", 572);
console.log(`Output: ${rawWord}`)

// Output: Hi
Enter fullscreen mode Exit fullscreen mode

In the hash Function, "Hi" is the text that is being encrypted, while I've used '572' as the Passkey๐Ÿ”‘ that can be provided either directly to function or by using environment variable.

The function returns a Phrase "X4A=", which can be stored into the database.

With change to the passcode the Encrypted phrase changes. The same password is needed to decrypt the Encrypted phrase.


--> Securing the Passcode

The passcode can be any integer number like 12383473, 3481234, 341343, 8534582, 98, 1236, 894.

A better practice would be to store the passcode๐Ÿ”‘ in the configuration file.

Create a .env file and store your passkey in the following format.

PASSCODE = "23143341"
Enter fullscreen mode Exit fullscreen mode

After storing the passcode safely, it can be used in the project with following syntax.

var hashAble = key.hash("Hi", process.env.PASSCODE);
console.log(`Hashed Phrase: ${hashAble}`)

// Hashed Phrase: X4A=

var rawWord = key.revHash("X4A=", process.env.PASSCODE);
console.log(`Output: ${rawWord}`)

// Output: Hi
Enter fullscreen mode Exit fullscreen mode

Speedy emails, satisfied customers

Postmark Image

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

Sign up

Top comments (0)

Sentry image

See why 4M developers consider Sentry, โ€œnot bad.โ€

Fixing code doesnโ€™t have to be the worst part of your day. Learn how Sentry can help.

Learn more

๐Ÿ‘‹ Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay