react-secure-storage - npm Package Compare versions

react-secure-storage

Package Overview

Dependencies

Maintainers

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.2.0 to 1.2.1

dist/envHelper.js

src/lib/envHelper.ts

dist/fingerprint.js

		@@ -8,2 +8,4 @@ "use strict";

		var _envHelper = _interopRequireDefault(require("./envHelper"));

		var _fingerprint = _interopRequireDefault(require("./fingerprint.lib"));
		@@ -21,6 +23,3 @@
		var getFingerprint = function getFingerprint() {
		var HASH_KEY_CUSTOM = HASH_KEY; // If Cypress is installed, then load env from cypress, adding support for cypress

		if (typeof Cypress != "undefined") HASH_KEY_CUSTOM = Cypress.env("SECURE_LOCAL_STORAGE_HASH_KEY") \|\| Cypress.env("REACT_APP_SECURE_LOCAL_STORAGE_HASH_KEY") \|\| HASH_KEY; //Load the custom HASH KEY from process.env
		else HASH_KEY_CUSTOM = process.env.SECURE_LOCAL_STORAGE_HASH_KEY \|\| process.env.REACT_APP_SECURE_LOCAL_STORAGE_HASH_KEY \|\| HASH_KEY;
		var HASH_KEY_CUSTOM = _envHelper.default.getEnvValue("SECURE_LOCAL_STORAGE_HASH_KEY") \|\| HASH_KEY;
		if (typeof window === "undefined") return HASH_KEY_CUSTOM;
		@@ -27,0 +26,0 @@ return _fingerprint.default.getFingerprint() + HASH_KEY_CUSTOM;

dist/utils.js

		@@ -8,2 +8,6 @@ "use strict";

		var _envHelper = _interopRequireDefault(require("./envHelper"));

		function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }

		/**
		@@ -14,4 +18,3 @@ * Function which is used to get the secure prefix
		var getSecurePrefix = function getSecurePrefix() {
		var KEY_PREFIX = process.env.SECURE_LOCAL_STORAGE_PREFIX \|\| process.env.REACT_APP_SECURE_LOCAL_STORAGE_PREFIX \|\| "@secure.";
		if (typeof Cypress != "undefined") KEY_PREFIX = Cypress.env("SECURE_LOCAL_STORAGE_PREFIX") \|\| Cypress.env("REACT_APP_SECURE_LOCAL_STORAGE_PREFIX") \|\| KEY_PREFIX;
		var KEY_PREFIX = _envHelper.default.getEnvValue("SECURE_LOCAL_STORAGE_PREFIX") \|\| "@secure.";
		if (!KEY_PREFIX.endsWith(".")) return KEY_PREFIX + ".";
		@@ -44,4 +47,3 @@ return KEY_PREFIX;
		var getDisabledKeys = function getDisabledKeys() {
		var DISABLED_KEYS = process.env.SECURE_LOCAL_STORAGE_DISABLED_KEYS \|\| process.env.REACT_APP_SECURE_LOCAL_STORAGE_DISABLED_KEYS \|\| "";
		if (typeof Cypress != "undefined") DISABLED_KEYS = Cypress.env("SECURE_LOCAL_STORAGE_DISABLED_KEYS") \|\| Cypress.env("REACT_APP_SECURE_LOCAL_STORAGE_DISABLED_KEYS") \|\| DISABLED_KEYS;
		var DISABLED_KEYS = _envHelper.default.getEnvValue("SECURE_LOCAL_STORAGE_DISABLED_KEYS") \|\| "";
		if (DISABLED_KEYS === "") return [];
		@@ -48,0 +50,0 @@ var allOptions = [FINGERPRINT_KEYS.USERAGENT, FINGERPRINT_KEYS.SCREEN_PRINT, FINGERPRINT_KEYS.PLUGINS, FINGERPRINT_KEYS.FONTS, FINGERPRINT_KEYS.LOCAL_STORAGE, FINGERPRINT_KEYS.SESSION_STORAGE, FINGERPRINT_KEYS.TIMEZONE, FINGERPRINT_KEYS.LANGUAGE, FINGERPRINT_KEYS.SYSTEM_LANGUAGE, FINGERPRINT_KEYS.COOKIE, FINGERPRINT_KEYS.CANVAS, FINGERPRINT_KEYS.HOSTNAME];

package.json

		{
		"name": "react-secure-storage",
		"version": "1.2.0",
		"version": "1.2.1",
		"description": "This libraries is used to securely store data in local storage",
		@@ -5,0 +5,0 @@ "author": "Sushin Pv",

README.md

		@@ -11,3 +11,3 @@ [![npm](https://img.shields.io/npm/v/react-secure-storage.svg)](https://www.npmjs.com/package/react-secure-storage) [![downloads](https://img.shields.io/npm/dm/react-secure-storage.svg)](http://npm-stat.com/charts.html?package=react-secure-storage)

		In this case, if someone copies the data from local storage and past on a different browser, then load your website, Your website will authenticate the user, Why ? because your website knows how the decrypt the data!
		In this case, if someone copies the data from local storage and past on a different browser, then load your website, Your website will authenticate the user, Why ? because your website knows how to decrypt the data!

		@@ -38,19 +38,22 @@ This is the problem when you have a single secure key! Then how do we solve this issue ?

		SECURE_LOCAL_STORAGE_HASH_KEY=xxxxxxxxxxxxxxxx
		SECURE_LOCAL_STORAGE_HASH_KEY=xxxxxxxxx

		or

		REACT_APP_SECURE_LOCAL_STORAGE_HASH_KEY=xxxxxxxxx


		Secure local storage prefix can be configured using .env file as

		SECURE_LOCAL_STORAGE_PREFIX=xxxxxxx
		or

		REACT_APP_SECURE_LOCAL_STORAGE_PREFIX=xxxxxxx

		### Added Support for Cypress.env, The version >= 1.0.15, added support for Cypress

		### Here are the .env prefix lists for the supported languages that are built-in.

		\| Language \| Prefix \|
		\|----------\|--------------\|
		\| React \| REACT_APP_ \|
		\| Vite \| VITE_ \|
		\| Next.Js \| NEXT_PUBLIC_ \|

		You can always use the environment variables without the prefix as well


		## How to use
		@@ -86,5 +89,23 @@

		>`Here we strongly recommend you to not to disable any of the properties as more properties you have, more unique the browser fingerprint will be!`
		>Here we strongly recommend you to not to disable any of the properties as more properties you have, more unique the browser fingerprint will be!



		### How to use environment variables for the supported languages.

		\| Language \| Key \| Usage \|
		\|----------\|------------------------------------------------\|----------------------------------------------------------------------------------\|
		\| Default \| SECURE_LOCAL_STORAGE_HASH_KEY \| Used to specify the user specific hash key \|
		\| Default \| SECURE_LOCAL_STORAGE_PREFIX \| Used to change the local storage prefix where the data will be finally saved \|
		\| Default \| SECURE_LOCAL_STORAGE_DISABLED_KEYS \| Used to disable individual property from encryption / fingerprint key generation \|
		\| React \| REACT_APP_SECURE_LOCAL_STORAGE_HASH_KEY \| Used to specify the user specific hash key \|
		\| React \| REACT_APP_SECURE_LOCAL_STORAGE_PREFIX \| Used to change the local storage prefix where the data will be finally saved \|
		\| React \| REACT_APP_SECURE_LOCAL_STORAGE_DISABLED_KEYS \| Used to disable individual property from encryption / fingerprint key generation \|
		\| Vite \| VITE_SECURE_LOCAL_STORAGE_HASH_KEY \| Used to specify the user specific hash key \|
		\| Vite \| VITE_SECURE_LOCAL_STORAGE_PREFIX \| Used to change the local storage prefix where the data will be finally saved \|
		\| Vite \| VITE_SECURE_LOCAL_STORAGE_DISABLED_KEYS \| Used to disable individual property from encryption / fingerprint key generation \|
		\| Next.Js \| NEXT_PUBLIC_SECURE_LOCAL_STORAGE_HASH_KEY \| Used to specify the user specific hash key \|
		\| Next.Js \| NEXT_PUBLIC_SECURE_LOCAL_STORAGE_PREFIX \| Used to change the local storage prefix where the data will be finally saved \|
		\| Next.Js \| NEXT_PUBLIC_SECURE_LOCAL_STORAGE_DISABLED_KEYS \| Used to disable individual property from encryption / fingerprint key generation \|

		## Sample Code
		@@ -120,8 +141,10 @@

		## Whats new in 1.2.0?
		## Whats new in 1.2.1?

		Added support for Vite and Next.js environment variables

		## Whats new \| Previous?

		Now you can disable individual fingerprint generation properties, This is discussed in the following enhancement https://github.com/sushinpv/react-secure-storage/issues/14

		## Whats new in 1.1.0?

		Secure token returning null when the browser resizes problem was fixed. This was previously included as a security feature, but in the most recent update, it was removed. This was covered in the ensuing issue: https://github.com/sushinpv/react-secure-storage/issues/9
		@@ -131,4 +154,2 @@

		## Whats new \| Previous?

		Added support for updating Local Storage prefix, Now this can be updated using .env
		@@ -135,0 +156,0 @@

src/lib/fingerprint.ts

		/* eslint-disable no-undef */
		import envHelper from "./envHelper";
		import clientJS from "./fingerprint.lib";
		@@ -11,9 +12,4 @@
		const getFingerprint = () => {
		let HASH_KEY_CUSTOM = HASH_KEY;
		let HASH_KEY_CUSTOM = envHelper.getEnvValue("SECURE_LOCAL_STORAGE_HASH_KEY") \|\| HASH_KEY;

		// If Cypress is installed, then load env from cypress, adding support for cypress
		if (typeof Cypress != "undefined") HASH_KEY_CUSTOM = Cypress.env("SECURE_LOCAL_STORAGE_HASH_KEY") \|\| Cypress.env("REACT_APP_SECURE_LOCAL_STORAGE_HASH_KEY") \|\| HASH_KEY;
		//Load the custom HASH KEY from process.env
		else HASH_KEY_CUSTOM = process.env.SECURE_LOCAL_STORAGE_HASH_KEY \|\| process.env.REACT_APP_SECURE_LOCAL_STORAGE_HASH_KEY \|\| HASH_KEY;

		if (typeof window === "undefined") return HASH_KEY_CUSTOM;
		@@ -20,0 +16,0 @@ return clientJS.getFingerprint() + HASH_KEY_CUSTOM;

src/lib/utils.ts

		@@ -0,1 +1,3 @@
		import envHelper from "./envHelper";

		/**
		@@ -6,4 +8,3 @@ * Function which is used to get the secure prefix
		export const getSecurePrefix = (): string => {
		let KEY_PREFIX = process.env.SECURE_LOCAL_STORAGE_PREFIX \|\| process.env.REACT_APP_SECURE_LOCAL_STORAGE_PREFIX \|\| "@secure.";
		if (typeof Cypress != "undefined") KEY_PREFIX = Cypress.env("SECURE_LOCAL_STORAGE_PREFIX") \|\| Cypress.env("REACT_APP_SECURE_LOCAL_STORAGE_PREFIX") \|\| KEY_PREFIX;
		let KEY_PREFIX = envHelper.getEnvValue("SECURE_LOCAL_STORAGE_PREFIX") \|\| "@secure.";
		if (!KEY_PREFIX.endsWith(".")) return KEY_PREFIX + ".";
		@@ -33,4 +34,3 @@ return KEY_PREFIX;
		export const getDisabledKeys = (): string[] => {
		let DISABLED_KEYS = process.env.SECURE_LOCAL_STORAGE_DISABLED_KEYS \|\| process.env.REACT_APP_SECURE_LOCAL_STORAGE_DISABLED_KEYS \|\| "";
		if (typeof Cypress != "undefined") DISABLED_KEYS = Cypress.env("SECURE_LOCAL_STORAGE_DISABLED_KEYS") \|\| Cypress.env("REACT_APP_SECURE_LOCAL_STORAGE_DISABLED_KEYS") \|\| DISABLED_KEYS;
		let DISABLED_KEYS = envHelper.getEnvValue("SECURE_LOCAL_STORAGE_DISABLED_KEYS") \|\| "";
		if (DISABLED_KEYS === "") return [];
		@@ -37,0 +37,0 @@

.env

Sorry, the diff of this file is not supported yet

Fixed alerts

Improved metrics