npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@paipe-technology/prisma-crypto

v0.12.7

Published

An easy method to apply database encryption using PrismaORM

Downloads

6

Readme

Prisma-Crypto: Automated Encryption for Prisma ORM

npm version NPM Downloads GitHub issues Code Coverage

The prisma-crypto is an extension for the Prisma ORM that simplifies the implementation of encryption in your database models. With a simple annotation and some configurations, you can ensure that your data is stored securely while still maintaining the ability to query these data efficiently.


📑 Table of Contents


🚀 Installation

npm install prisma-crypto

or

yarn add prisma-crypto

🌐 Environment Configuration

Before starting, set up the following environment variables:

- PRISMA_CRYPTO_SECRET_KEY="" #Your secret key for encryption. Must be 32 characters
- PRISMA_CRYPTO_DIRECT_DB="" #Direct connection to the database. Useful for development environments with Docker.
- PRISMA_CRYPTO_WRITE_DB="" #Connection to the write instance. Used for write operations via Prisma Client.
- PRISMA_CRYPTO_READ_DB="" #Connection to the read instance. Used for read operations via Prisma Client.
- PRISMA_CRYPTO_DEBUG=false #Activate to get detailed logs of the package's operation.

In scenarios where the prisma client has not yet been initialized - as in the case of a project that has just been cloned - it will be necessary to do so. We recommend that you configure a post-installation script, as follows:

{ // package.json
  "scripts": {
    "postinstall": "npx prisma generate --generator client",
    // other scripts here
  },
  // other configs here
}

This way, whenever you run an npm i your prisma client will automatically be initialized. If you don't want to add the script, just run the command npx prisma generate --generator client manually via CLI.


📝 Schema Configuration

In your schema.prisma, setup a new generator and add the @encrypt annotation to the fields you want to encrypt.

generator encrypt {
    provider = "prisma-crypto"
}

model User {
  id       Int     @id @default(autoincrement())
  email    String  @unique // @encrypt
  password String  // @encrypt
}

🛠 Usage

With prisma-crypto set up, run your Prisma operations as usual. The extension will handle encryption and decryption for you.

import { PrismaCrypto } from "prisma-crypto";

const prisma = new PrismaCrypto({
    debug: true // It is possible to control the level of granularity of the debug by activating only the client and deactivating the env(general)
}).getPrismaClient();

const newUser = {
  email: '[email protected]',
  password: 'securePassword',
};

await prisma.user.create({
  data: newUser,
});

When retrieving the user, the encrypted fields will be automatically decrypted:

import { PrismaCrypto } from "prisma-crypto";

const prisma = new PrismaCrypto().getPrismaClient();

const userEmail = '[email protected]';

const user = await prisma.user.findUnique({
  where: {
    email: userEmail,
  },
});

console.log(user.password); // 'securePassword'

If necessary, you can call Prisma Crypto's encryption/decryption methods manually:

import { EncryptionMethods } from "@paipe/prisma-crypto";

const encryptedString = EncryptionMethods.encryptData("test");
const decryptedString = EncryptionMethods.decryptData("test");

📖 Technical Details

Encryption Algorithm

The prisma-crypto uses the aes-256-gcm algorithm for encryption. This is a symmetric encryption algorithm that is widely recognized for its security and efficiency.

Deterministic Encryption

To allow queries on encrypted fields, the prisma-crypto uses a deterministic approach, where the same input will always produce the same encrypted output. This is achieved through the use of hashes.

Limitations

  • Only string or string[] fields can be encrypted.
  • The package has been optimized for use with PostgreSQL.
  • Operations like LIKE and IN are not supported on encrypted fields.

🎯 Use Cases

Saving Data with Encryption

When creating or updating records, fields marked with @encrypt will be automatically encrypted.

Querying Encrypted Data

When querying encrypted data, the prisma-crypto applies encryption to the query values to ensure the correct results are returned.

Retrieving Encrypted Data

When retrieving records, the encrypted fields will be automatically decrypted.

Change History for Data Encryption

Keep a record of all changes made to encrypted data, including which data was added or removed from the encryption list.


🤝 Contribution

Contributions are welcome! Check the contribution guide for details.


📜 License

This project is licensed under the MIT license.


Developed with ❤️ by Lucas Servo.
📧 Contact: [email protected]