@djangocfg/crypto

Client-side AES-256-GCM decryption for Django-CFG encrypted API responses using Web Crypto API

Source: npm
Version: 2.1.200 (latest)
Versions: 81
Maintainers: 1

Installation

pnpm add @djangocfg/crypto

Features

  • AES-256-GCM authenticated decryption
  • PBKDF2 key derivation (matches Django-CFG backend)
  • Zero dependencies (uses native Web Crypto API)
  • TypeScript support with full type inference
  • React hooks for declarative decryption
  • Per-user and per-session key isolation

Usage

Basic Usage

import { createDecryptionClient } from '@djangocfg/crypto';

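// Create a decryption client.
// Whatever is passed as secretKey is shipped to the browser; see Security Notes
// below before putting a real key here.
const crypto = await createDecryptionClient({
  secretKey: 'your-django-secret-key',
  userId: 123,  // optional, for per-user encryption
});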

// Fetch encrypted data
const response = await fetch('/api/products/?encrypt=true');
const encryptedData = await response.json();

// Decrypt all encrypted fields
const data = await crypto.decryptObject(encryptedData);
console.log(data.price); // decrypted value

React Hooks

import { useDecrypt } from '@djangocfg/crypto/react';

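function ProductPrice({ product, userId }: { product: Product; userId: number }) {
  const { data, isLoading, error } = useDecrypt(product, {
    // NEXT_PUBLIC_* variables are inlined into the browser bundle, so this value
    // is readable by every visitor; it must never be the Django SECRET_KEY.
    secretKey: process.env.NEXT_PUBLIC_DECRYPT_KEY!,
    userId, // supplied by the caller
  });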

  if (isLoading) return <Skeleton />;
  if (error) return <ErrorMessage error={error} />;

  return <span>${data.price}</span>;
}

Lazy Decryption

import { useLazyDecrypt } from '@djangocfg/crypto/react';

function LazyProduct({ product }: { product: Product }) {
  const { decrypt, data, isLoading } = useLazyDecrypt({
    secretKey: process.env.NEXT_PUBLIC_DECRYPT_KEY!,
  });

  return (
    <div>
      <button onClick={() => decrypt(product)}>
        Show Price
      </button>
      {isLoading && <Spinner />}
      {data && <span>{data.price}</span>}
    </div>
  );
}

API Reference

Core Functions

createDecryptionClient(config)

Creates a decryption client with a pre-derived key.

const crypto = await createDecryptionClient({
  secretKey: 'your-django-secret-key', // string: Django SECRET_KEY
  userId: 123,                         // optional string | number: user ID
  sessionId: 'session-id',             // optional string: session ID
  iterations: 100000,                  // optional number: PBKDF2 iterations (default: 100000)
  keyPrefix: 'djangocfg_encryption',   // optional string: key prefix (default: "djangocfg_encryption")
});

// Methods
await crypto.decryptField(encryptedField);  // Decrypt single field
await crypto.decryptObject(data);           // Decrypt all fields recursively
crypto.isEncryptedField(value);             // Type guard

decryptField(field, key)

Decrypt a single encrypted field.

decryptObject(data, key)

Recursively decrypt all encrypted fields in an object.

React Hooks

useDecrypt(data, config)

Decrypt data on mount.

useDecryptionClient(config)

Create a memoized decryption client.

useLazyDecrypt(config)

Decrypt data on demand with manual trigger.

useIsEncrypted(value)

Check if a value is encrypted.

Types

interface EncryptedField {
  encrypted: true;
  field?: string;
  algorithm: 'AES-256-GCM';
  iv: string;        // base64
  data: string;      // base64
  auth_tag: string;  // base64
}

interface DecryptionConfig {
  secretKey: string;
  userId?: string | number;
  sessionId?: string;
  iterations?: number;
  keyPrefix?: string;
}
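
How an EncryptedField envelope maps onto the Web Crypto API, shown as an added example that is not the package's own code. The PBKDF2 hash (SHA-256), the salt layout, the 12-byte IV and 16-byte tag checks, and the names deriveKey, decryptEnvelope, sealSample and demo are assumptions; the sample field is constructed locally.

```javascript
// Added example, not the package's source; assumed details are marked inline.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // fallback for older Node
const subtle = webcrypto.subtle;
const b64 = {
  dec: (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0)),
  enc: (u) => btoa(String.fromCharCode(...u)),
};

async function deriveKey({ secretKey, userId, iterations = 100000, keyPrefix = 'djangocfg_encryption' }) {
  const enc = new TextEncoder();
  const material = await subtle.importKey('raw', enc.encode(secretKey), 'PBKDF2', false, ['deriveKey']);
  const salt = enc.encode(`${keyPrefix}:${userId ?? ''}`); // hypothetical salt layout
  return subtle.deriveKey({ name: 'PBKDF2', hash: 'SHA-256', salt, iterations }, // hash is assumed
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Check the envelope shape first, then let AES-GCM verify the tag while decrypting.
async function decryptEnvelope(field, key) {
  if (field?.encrypted !== true || field.algorithm !== 'AES-256-GCM') {
    throw new TypeError('not an AES-256-GCM field');
  }
  const iv = b64.dec(field.iv), data = b64.dec(field.data), tag = b64.dec(field.auth_tag);
  if (iv.length !== 12 || tag.length !== 16) throw new RangeError('unexpected IV or tag length');
  const sealed = new Uint8Array(data.length + tag.length); // Web Crypto wants ciphertext || tag
  sealed.set(data); sealed.set(tag, data.length);
  const plain = await subtle.decrypt({ name: 'AES-GCM', iv, tagLength: 128 }, key, sealed);
  return new TextDecoder().decode(plain);
}

// Builds a constructed sample field, standing in for a backend response.
async function sealSample(text, key) {
  const iv = webcrypto.getRandomValues(new Uint8Array(12));
  const out = new Uint8Array(await subtle.encrypt(
    { name: 'AES-GCM', iv, tagLength: 128 }, key, new TextEncoder().encode(text)));
  return { encrypted: true, algorithm: 'AES-256-GCM', iv: b64.enc(iv),
    data: b64.enc(out.slice(0, -16)), auth_tag: b64.enc(out.slice(-16)) };
}

// Returns [plaintext, error name for tampered data, error name for another user's key].
async function demo() {
  const key = await deriveKey({ secretKey: 'constructed-demo-key', userId: 123 });
  const field = await sealSample('19.99', key);
  const flipped = b64.dec(field.data);
  flipped[0] ^= 1; // single-bit change in the ciphertext
  const otherKey = await deriveKey({ secretKey: 'constructed-demo-key', userId: 456 });
  return [await decryptEnvelope(field, key),
    await decryptEnvelope({ ...field, data: b64.enc(flipped) }, key).catch((e) => e.name),
    await decryptEnvelope(field, otherKey).catch((e) => e.name)];
}
```

Both failure cases reject with OperationError, so a caller cannot tell tampering from a key mismatch and should treat either as untrusted data.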

Security Notes

  • Never expose your Django SECRET_KEY directly in frontend code
  • Use a dedicated decryption key or derive one securely
  • Consider per-user keys for sensitive data isolation
  • PBKDF2 iterations must match backend configuration

License

MIT

Keywords

crypto

Package last updated on 03 Mar 2026
