You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

secure-web-storage

Package Overview
Dependencies
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

secure-web-storage

A simple wrapper for localStorage/sessionStorage that allows one to encrypt/decrypt the data being stored.

1.0.2
latest
Source
npmnpm
Version published
Weekly downloads
5.7K
1.46%
Maintainers
1
Weekly downloads
 
Created
Source

SecureStorage

GitHub release npm version npm downloads npm downloads

A simple wrapper for localStorage/sessionStorage that allows one to encrypt/decrypt the data being stored.

Install:

$ npm install secure-web-storage

What SecureStorage Looks Like

app.js:

var CryptoJS = require("crypto-js");

var SECRET_KEY = 'my secret key';

var secureStorage = new SecureStorage(localStorage, {
    hash: function hash(key) {
        key = CryptoJS.SHA256(key, SECRET_KEY);

        return key.toString();
    },
    encrypt: function encrypt(data) {
        data = CryptoJS.AES.encrypt(data, SECRET_KEY);

        data = data.toString();

        return data;
    },
    decrypt: function decrypt(data) {
        data = CryptoJS.AES.decrypt(data, SECRET_KEY);

        data = data.toString(CryptoJS.enc.Utf8);

        return data;
    }
});

var data = {
    secret: 'data'
};

// there is no need to stringify/parse you objects before and after storing.

secureStorage.setItem('data', data);
// stores in localStorage like:
// key => value
// "ad36d572..." => "w1svi6n..."

var decryptedData = secureStorage.getItem('data');
// returns { secret: 'data' }

secureStorage.removeItem('data');
// removes the entry 'data'

secureStorage.key(id)
// returns the hashed version of the key you passed into setItem with the given id.

secureStorage.clear();
// clears all data in the underlining sessionStorage/localStorage.

secureStorage.length;
// the number of entries in the underlining sessionStorage/localStorage.

Keywords

localStorage
sessionStorage
encrypt
decrypt
storage
web

FAQs

Package last updated on 09 Feb 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Active Supply Chain Attack: npm Phishing Campaign Leads to Prettier Tooling Packages Compromise

Security News

Active Supply Chain Attack: npm Phishing Campaign Leads to Prettier Tooling Packages Compromise

Popular npm packages like eslint-config-prettier were compromised after a phishing attack stole a maintainer’s token, spreading malicious updates.

By Sarah Gooding  -  Jul 19, 2025
npm Phishing Email Targets Developers with Typosquatted Domain

Security News

/

Research

npm Phishing Email Targets Developers with Typosquatted Domain

A phishing attack targeted developers using a typosquatted npm domain (npnjs.com) to steal credentials via fake login pages - watch out for similar scams.

By Sarah Gooding  -  Jul 18, 2025