krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-17 14:47:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updated encryption

Browse Source
This commit is contained in:
Keith Holliday
2018-01-25 17:33:50 -06:00
parent d85f18751c
commit 3fcd04fd8a
2 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config.json.example
View File

@@ -22,6 +22,8 @@
"CRON_SEMI_SAFE_MODE":"false",
"MAINTENANCE_MODE": "false",
"SESSION_SECRET":"YOUR SECRET HERE",
"SESSION_SECRET_KEY": "1234567891234567891234567891234567891234567891234567891234567891",
"SESSION_SECRET_IV": "12345678912345678912345678912345",
"ADMIN_EMAIL": "you@example.com",
"SMTP_USER":"user@example.com",
"SMTP_PASS":"password",

16
website/server/libs/encryption.js
View File

@@ -1,24 +1,26 @@
import {
createCipher,
createDecipher,
createCipheriv,
createDecipheriv,
} from 'crypto';
import nconf from 'nconf';
const algorithm = 'aes-256-ctr';
const SESSION_SECRET = nconf.get('SESSION_SECRET');
const SESSION_SECRET_KEY = nconf.get('SESSION_SECRET_KEY');
const SESSION_SECRET_IV = nconf.get('SESSION_SECRET_IV');
const key = Buffer.from(SESSION_SECRET_KEY, 'hex');
const iv = Buffer.from(SESSION_SECRET_IV, 'hex');
export function encrypt (text) {
let cipher = createCipher(algorithm, SESSION_SECRET);
const cipher = createCipheriv(algorithm, key, iv);
let crypted = cipher.update(text, 'utf8', 'hex');
crypted += cipher.final('hex');
return crypted;
}
export function decrypt (text) {
let decipher = createDecipher(algorithm, SESSION_SECRET);
const decipher = createDecipheriv(algorithm, key, iv);
let dec = decipher.update(text, 'hex', 'utf8');
dec += decipher.final('utf8');
return dec;
}