UNPKG

hashon

Version:

Encrypt, decrypt and hash JSON data with AES and SHA — made for secure local files and syncing.

138 lines (93 loc) 3.22 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
````md # hashon ![npm version](https://img.shields.io/npm/v/hashon.svg) ![npm downloads](https://img.shields.io/npm/dm/hashon.svg) ![license](https://img.shields.io/npm/l/hashon.svg?cacheBust=1) A simple Node.js library for automatically encrypting, decrypting, and hashing JSON data using CryptoJS. --- ## Installation ```bash npm install hashon ```` --- ## Usage (async/await) Use the async API to automatically keep encrypted `.sec.json` files in sync with your plaintext `.json` files. Example usage with Express: ```js const express = require('express'); const fs = require('fs').promises; const path = require('path'); const { decrypt, autoEncryptIfChanged } = require('hashon'); require('dotenv').config(); const app = express(); const port = 3001; // 🔹 Ensure SECRET_KEY is provided const SECRET_KEY = process.env.SECRET_KEY; if (!SECRET_KEY) { console.error("❌ SECRET_KEY missing in .env file. Please add it for encryption/decryption."); process.exit(1); } const dataPath = path.join(__dirname, 'data', 'data.json'); const securePath = dataPath.replace(/\.json$/, '.sec.json'); // Automatically encrypt and sync .sec.json file on startup autoEncryptIfChanged(dataPath, SECRET_KEY).catch(console.error); // Serve plaintext JSON app.get('/api/data', async (req, res) => { try { const raw = await fs.readFile(dataPath, 'utf-8'); res.type('application/json').send(raw); } catch { res.status(500).json({ error: 'Could not read file' }); } }); // Serve decrypted JSON from encrypted file app.get('/api/secure-data', async (req, res) => { try { const encrypted = await fs.readFile(securePath, 'utf-8'); const json = decrypt(encrypted, SECRET_KEY); res.json(json); } catch (err) { console.error('[server] Decryption error:', err); res.status(500).json({ error: 'Decryption failed or file missing' }); } }); app.listen(port, () => { console.log(`[server] Listening on http://localhost:${port}`); }); ``` --- ## How It Works * You edit `data.json` as normal. * `hashon` detects changes and automatically updates `data.sec.json` asynchronously. * This ensures your encrypted data is always up to date without blocking your app. --- ## About `data.json` and `data.sec.json` * `data.json` is your editable, plaintext JSON file. * `data.sec.json` is the AES-encrypted counterpart automatically managed by `hashon`. --- ## Features * 🔐 AES encryption with optional secret key. * 🔒 SHA-512 hashing with `$HASH$` prefix tagging. * ⚙️ Async, non-blocking file encryption and syncing. * 🧩 Easy integration in any Node.js or Express application. --- ## Setting the Secret Key Create a `.env` file in your project root: ```env SECRET_KEY=your_very_secret_password ``` If not set, a default insecure fallback key is used (do **not** use this in production). > ⚠️ Always set a secure `SECRET_KEY` for production environments. --- ## License MIT --- ## Changelog See [CHANGELOG.md](./CHANGELOG.md) for details on recent changes and releases. --- ## Contributions Feel free to open issues or submit pull requests on GitHub! [https://github.com/FelixLind1](https://github.com/FelixLind1) --- **Made by Felix Lind** ```