🔑 A Sequelize plugin for easily integrating Hashicorp Vault
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src add newline for method chains Dec 1, 2018
.gitignore add .gitignore Apr 12, 2018
.npmignore add .npmignore Apr 16, 2018
.travis.yml use postgres on travis May 10, 2018
LICENSE Initial commit Apr 16, 2018
README.md Update README.md Jul 5, 2018
index.js use only default export on index May 5, 2018
package.json chore(package): update ava to version 1.0.1 Dec 15, 2018
tsconfig.json allow any index Apr 18, 2018
tslint.json fix lint for filename Nov 2, 2018

README.md

Sequelize Vault: A Sequelize plugin for easily integrating Hashicorp Vault.





Installation

$ npm install sequelize-vault

Usage

This package transparently encrypts and decrypts columns in _encrypted format using Hashicorp Vault.

Node.js:

const Sequelize = require('sequelize')
const SequelizeVault = require('sequelize-vault')

const s = new Sequelize({
  username: 'root',
  password: '',
  dialect: 'sqlite',
  database: 'test',
})
const User = s.define('user', {
  ssn_encrypted: Sequelize.STRING,
  ssn: Sequelize.VIRTUAL,
})

SequelizeVault.Vault.app = 'fooapp'
SequelizeVault.Vault.address = 'http://master-vault'
SequelizeVault.default(User)

const u = await User.create({ ssn: '123-45-6789' })
console.log(u.ssn_encrypted)
// vault:v0:EE3EV8P5hyo9h...

TypeScript:

import {Sequelize, Table, Column, Model} from 'sequelize-typescript'
import SequelizeVault, {Vault} from 'sequelize-vault'

const s = new Sequelize({
  username: 'root',
  password: '',
  dialect: 'sqlite',
  database: 'test',
})

@Table
class User extends Model<User> {
  @Column
  ssn_encrypted: string

  @Column(DataType.VIRTUAL)
  ssn: string
}

s.addModels([User])

Vault.app = 'fooapp'
Vault.address = 'http://master-vault'
SequlizeVault(User)
const u = await User.create({ ssn: '123-45-6789' })
console.log(u.ssn_encrypted)
// vault:v0:EE3EV8P5hyo9h...

Options

Key Value
enabled true or false(default)
app my-app
token abcd1234
address https://vault.example.com
suffix _encrypted
convergented true or false(default)
context Vault.app(default)
path v1/transit
timeout 3 * 60 * 1000
ua sequelize-vault/1.0.0 (+https://github....

Contribution

  1. Fork (https://github.com/linyows/sequelize-vault/fork)
  2. Create a feature branch
  3. Commit your changes
  4. Rebase your local changes against the master branch
  5. Run test suite with the npm ci command and confirm that it passes
  6. Create a new Pull Request

Author

linyows