bookshelf-encrypt-columns
Advanced tools
Automatically encrypt/decrypt database columns via Bookshelf.js
This Bookshelf.js plugin enables you to define which model columns are encrypted on save/update. Those columns will also be automatically decrypted when fetched.
Install the package via npm:
$ npm install --save bookshelf-encrypt-columns
Require and register the bookshelf-encrypt-columns plugin:
var bookshelf = require('bookshelf')(knex);
var encryptColumns = require('bookshelf-encrypt-columns');
bookshelf.plugin(encryptColumns, {
cipher: 'a-valid-cipher',
key: 'your-strong-key'
});
Both cipher and key are required. By default, the plugin will use the aes-256-ctr cipher. For a list of valid ciphers, please see the Node Crypto docs. Be sure to store your key in a secure location and avoid passing it to the plugin directly.
Define which columns are encrypted with the encryptedColumns prototype property:
bookshelf.Model.extend({
encryptedColumns: ['secret'],
tableName: 'test'
});
MIT
This plugin was inspired by and borrows heavily from the bookshelf-json-columns plugin.
FAQs
Automatically encrypt/decrypt database columns via Bookshelf.js
The npm package bookshelf-encrypt-columns receives a total of 12 weekly downloads. As such, bookshelf-encrypt-columns popularity was classified as not popular.
We found that bookshelf-encrypt-columns demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."