@24hr/seqcryptor

seqCryptor

This is a small module to encrypt specififc columns with seqeuelize. It's a little like https://www.npmjs.com/package/sequelize-encrypted but since seqeuelize-encrypted hasnt been updated for five years and we needed a typescript version, we deciced to create a new module.

It's just 80+ rows of code, so nothing fancy, but our goals was to create a module that we could use in procjects that need to encrypt data AFTER the project had grown a lot. So this is designed with the goal of chaning as little as possbile to the normal model definition in sequelize.

It currently only supports DataType.STRING, DataType.JSONB and DataType.JSON.

How to use it

This is the most basic example:

// Create the encryptor with your secret key
const encryptor = seqEncryptor('YOUR_SUPER_SECRET_32_BYTES_KEY__');

const sequelize = new Sequelize({
    dialect: 'sqlite',
    storage: ':memory:',
    define: {
        timestamps: true,
    },
    logging: false,
});

class User extends Model {
    public name!: string;
    public guid!: string;
}

User.init({
    guid: {
        allowNull: false,
        unique: true,
        type: DataTypes.UUID,
        defaultValue: DataTypes.UUIDV4,
    },
    name: encryptor({               // THIS IS THE ONLY DIFFERENCE. Together with the field below.
        type: DataTypes.STRING,
        field: 'name',              // THIS IS REQUIRED. The initiation functions doens't have access to the name in the json,
                                    // so we need to explicitly write it.
    }),
}, {
    sequelize,
    paranoid: false,
});

await User.sync();

const user = await User.create({ name: 'bar' });

const rawUser = await User.findOne({ where: { guid: user.guid }, raw: true });
console.log(rawUser.name); // Will print an encrypted string

const loadedUser = await User.findOne({ where: { guid: user.guid } });
console.log(loadedUser.name); // Will print "bar"

How to test it

To run the tests, run:

npm ci
npm run test-ci