Skip to content
/ polyonic-secure-pouch Public

PouchDB AES encryption using brix/crypto-js for Polyonic and Browsers

7 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

paulsutherland/polyonic-secure-pouch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
.vscode
.vscode
 
 
examples
examples
 
 
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

JavaScript Style Guide devDependencies Status

MIT Licence Open Source Love

Secure Pouch

PouchDB plugin for AES encryption of data in Polyonic and browsers using danang-id/simple-crypto-js which uses brix/crypto-js

const db = new PouchDB('app.db');

db.encrypt(password);
// all done, docs should be transparently encrypted/decrypted

Details

If you replicate to another database, it will decrypt before sending it to the external one. So make sure that one also has a password set as well if you want it encrypted too.

If you need to decrypt manually see danang-id/simple-crypto-js

This only encrypts the contents of documents, not the _id, _rev, _conflicts or _deleted.

I based this plugin on lil5/simple-cryptor-pouch, but tailored it to work with the Polyonic app seed project.

This project should also work on the following:

  • web (with a babel.js bundler)
  • electron
  • nodejs
  • react native

Save attachments are not ignored by default (_attachments), I would first need to make some test to really see if this is sane. At the moment I do not use attachments. I prefer to store attachments/blobs in blob storage.

Install

This plugin is hosted on npm:

npm i -s polyonic-secure-pouch

API

db.encrypt(password [, options])

Set up encryption on the database.

  • options.ignore
    String or Array of Strings of properties that will not be encrypted.

Examples

Change password

const PouchDB = require('pouchdb')
const SecurePouch = require('polyonic-secure-pouch')
PouchDB.plugin(SecurePouch)

const oldDBpath = './password-old.db'
const newDBpath = './password-new.db'

const oldDB = PouchDB(oldDBpath)
const newDB = PouchDB(newDBpath)

oldDB.encrypt('oldPassword')
newDB.encrypt('newBe//erPassw0rd')

PouchDB.replicate(oldDB, newDB, {live: true, retry: true})
.on('complete', info => console.log({output: info, message: 'complete'}))
.on('error', err => console.error(Error({output: err, message: 'error'})))
.on('denied', err => console.error(Error({output: err, message: 'denied'})))

file: examples/change-password.js

Sync encrypted remote

const PouchDB = require('pouchdb')
const SecurePouch = require('polyonic-secure-pouch')
PouchDB.plugin(SecurePouch)

const localPath = './sync-remote.db'
const remoteURL = 'http://127.0.0.1:5984'

const local = PouchDB(localPath)
const remote = PouchDB(remoteURL)

remote.encrypt('password')

// comment out to encrypt only the remote
// local.encrypt('password')

PouchDB.sync(local, remote, {live: true, retry: true})
.on('complete', info => console.log({output: info, message: 'complete'}))
.on('error', err => console.error(Error({output: err, message: 'error'})))
.on('denied', err => console.error(Error({output: err, message: 'denied'})))

file: examples/sync-encrypted-remote.js

About

PouchDB AES encryption using brix/crypto-js for Polyonic and Browsers

Resources

Readme
Activity

Stars

7 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages