As the title says I made this zero knowledge encryption sort of Password vault, I am fairly new to encryptions and backend stuff so I would love to hear some feedback and stuff.
Here's an explanation how it works:-
- When creating your account user will send enc_key which will be their masterKey to decrypt their password.
- Then the enc_key will be hashed by bcyrptjs.
- User creation is done!
- when user stores a password, they will have to provide encryption key with the password.
- Then CryptoJs will decrypt the password by the encryption key you sent bcrypt will compare the ecnryption key with hashed key, if it is incorrect, server will respond with 404.
- Basic user auth is done by JWT
Tech is used:
Expresss, MongoDb and Mongoose\
FrontEnd is not ready yet
Here is the repo link Gasssword-API
Top comments (0)