DEV Community

Cover image for 🔐How to encrypt variables in NodeJS
Soumya Mondal
Soumya Mondal

Posted on

2 2

🔐How to encrypt variables in NodeJS

#encrypt #hashing #npm #node

Ever imagined what would happen if someone gets access to your MongoDB account where all your crucial information are stored.

All this comes down to another major issue when you have more than a few users who've submitted their confidential data relying on you.

Need of Encryption 💁‍♂️

Storing user's data without any encryption at all might not be a good idea.

A good fix to avoid compromising with someone's privacy would be to encrypt🔒 data before storing in Database and decrypt🔓 data while accessing from the Database.

-> How to Encrypt variables 🛡️

While hash can be a good idea to implement before storing your user submitted variables, that might not work to regain data from the Database.

Again npm packages like 'bcrypt' & 'crypto' can be super useful and complicated at the same time.

Let's see a method that's easy to understand as well as implementable in a flash.

-> Using Keyhasher

Assuming you already have a nodejs project set up, let's first install the npm package using:

npm i keyhasher
Enter fullscreen mode Exit fullscreen mode

Running this in the terminal will install the package.
Let's require the package in the Node project.

const key = require('keyhasher');
Enter fullscreen mode Exit fullscreen mode

Try to keep this at the top of the project file.

--> How Keyhasher Works

Keyhasher has two functions for Encryption and Decryption respectively.

Both the funtions takes in two arguments, the hashable or reverse hashable input and the Passkey 🔑.

Simple example of the functions are given as-

var hashAble = key.hash("Hi", 572);
console.log(`Hashed Phrase: ${hashAble}`)

// Hashed Phrase: X4A=

var rawWord = key.revHash("X4A=", 572);
console.log(`Output: ${rawWord}`)

// Output: Hi
Enter fullscreen mode Exit fullscreen mode

In the hash Function, "Hi" is the text that is being encrypted, while I've used '572' as the Passkey🔑 that can be provided either directly to function or by using environment variable.

The function returns a Phrase "X4A=", which can be stored into the database.

With change to the passcode the Encrypted phrase changes. The same password is needed to decrypt the Encrypted phrase.

--> Securing the Passcode

The passcode can be any integer number like 12383473, 3481234, 341343, 8534582, 98, 1236, 894.

A better practice would be to store the passcode🔑 in the configuration file.

Create a .env file and store your passkey in the following format.

PASSCODE = "23143341"
Enter fullscreen mode Exit fullscreen mode

After storing the passcode safely, it can be used in the project with following syntax.

var hashAble = key.hash("Hi", process.env.PASSCODE);
console.log(`Hashed Phrase: ${hashAble}`)

// Hashed Phrase: X4A=

var rawWord = key.revHash("X4A=", process.env.PASSCODE);
console.log(`Output: ${rawWord}`)

// Output: Hi
Enter fullscreen mode Exit fullscreen mode
profile
Neon
 Promoted

Neon image

Build better on Postgres with AI-Assisted Development Practices

Compare top AI coding tools like Cursor and Windsurf with Neon's database integration. Generate synthetic data and manage databases with natural language.

Read more →

Top comments (0)

profile
AWS
 Promoted

AWS Industries LIVE! Stream

Business benefits of the cloud

Join AWS experts and tech leaders as they discuss the business impact of the cloud on Industries LIVE!

Learn More

👋 Kindness is contagious

Dive into this insightful write-up, celebrated within the collaborative DEV Community. Developers at any stage are invited to contribute and elevate our shared skills.

A simple "thank you" can boost someone’s spirits—leave your kudos in the comments!

On DEV, exchanging ideas fuels progress and deepens our connections. If this post helped you, a brief note of thanks goes a long way.

Okay