npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

redux-persist-transform-passwords

v1.5.0

Published

Store parts of your state tree in keytar

Downloads

47

Readme

redux-persist-transform-passwords

Store some parts of your state in the macOS Keychain, Credential Vault on Windows, or libsecret on Linux. Uses keytar. Adheres to the redux-persist transform API, but async transforms must be enabled.

Install

npm i redux-persist-transform-passwords --save

Usage

Given a state shape like:

{
  credentials: {
    username: 'charlie',
    password: 'hunter42'
  }
}

Supply either a getter string (see Lodash get) or a function that, given your input state, returns a getter string:

import { persistStore } from 'redux-persist';
import createPasswordTransform from 'redux-persist-transform-passwords';

const passwordTransform = createPasswordTransform({
  serviceName: 'com.mySecretCompany.mySecretApp',
  passwordPaths: 'credentials.password',
  whitelist: ['authReducer']
});

persistStore(store, {
  transforms: [passwordTransform],
  asyncTransforms: true
});

Before serialization, the values at passwordPaths will be removed from your state and written into keytar. When the store is rehydrated, the secrets are read in from keytar and reapplied to your state.

You can find more usage examples by reading the tests.

API

createPasswordTransform(config) - Creates a new transform instance.

config (Object) - Configuration parameters

* `serviceName (String)` - The top-level identifier for your app to store items in the keychain.
* `accountName (String)` - (Optional) A sub-identifier for individual entries. If not provided, strings taken from `passwordPaths` will be used.
* `passwordPaths (String|Array<String>|((state) => String|Array<String>)` - (Optional) Lodash getter path(s) to passwords in your state, or a function that, given your state, returns path(s). Leave empty to write the entire reducer.
* `clearPasswords (Boolean)` - (Optional) Whether or not to clear the properties from `passwordPaths` before the state is persisted. Defaults to `true`.
* `serialize (Boolean)` - (Optional) Whether or not to serialize password properties as JSON strings. Defaults to `false`.
* `logger ((message, ...args) => void)` - (Optional) An optional logging method. Defaults to `noop`.

clearKeychain(serviceName, accountName): Promise<boolean> - Remove an entry from the keychain.

accessKeychain(serviceName, accountName): Promise<boolean> - Test for access to the keychain.

Since we don't want to throw any errors during the state transform, we'll catch & log any exceptions in the keychain operation. To give consumers a way to check access beforehand (and to control the time at which the OS keychain prompt appears), we provide the accessKeychain method. You'll need to call this method before your Redux store is rehydrated, since the rehydrate will attempt to read from the keychain:

import createPasswordTransform, {
  accessKeychain
} from 'redux-persist-transform-passwords';
import createEncryptor from 'redux-persist-transform-encrypt';

async createAndPersistStore() {
  // Check if we can access the keychain first
  // On some platforms this will pop an OS permissions dialog!
  const canAccess = await accessKeychain();

  // If we don't have access, fallback to encrypting the passwords
  const passwordTransform = canAccess ? createPasswordTransform({
    serviceName: 'MyApp',
    accountName: 'Passwords',
    whitelist: ['passwords']
  }) : createEncryptor({
    secretKey,
    whitelist: ['passwords']
  });

  // Business as usual for redux-persist
  persistStore(yourStore, {
    asyncTransforms: true,
    transforms: [passwordTransform]
    ...
  });
}