We are using bcrypt for passwords and data that never needs to be decrypted.
我们在密码和数据中使用bcrypt,这些密码和数据永远不需要解密。
What should do to protect other user information that does. For this example lets say that we didn't want a users real name to be in plain text in case someone was to obtain the db.
如何保护其他用户信息。对于这个示例,我们假设我们不希望用户的真实姓名使用纯文本,以防有人获得db。
This is somewhat sensitive data but also needs to be called from time to time and displayed in plain text. Is there a simple way to do this?
这是有点敏感的数据,但也需要不时调用,并以纯文本显示。有简单的方法吗?
1 个解决方案
#1
106
You can use the crypto module:
您可以使用crypto模块:
var crypto = require('crypto');
var assert = require('assert');
var algorithm = 'aes256'; // or any other algorithm supported by OpenSSL
var key = 'password';
var text = 'I love kittens';
var cipher = crypto.createCipher(algorithm, key);
var encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex');
var decipher = crypto.createDecipher(algorithm, key);
var decrypted = decipher.update(encrypted, 'hex', 'utf8') + decipher.final('utf8');
assert.equal(decrypted, text);
#1
106
You can use the crypto module:
您可以使用crypto模块:
var crypto = require('crypto');
var assert = require('assert');
var algorithm = 'aes256'; // or any other algorithm supported by OpenSSL
var key = 'password';
var text = 'I love kittens';
var cipher = crypto.createCipher(algorithm, key);
var encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex');
var decipher = crypto.createDecipher(algorithm, key);
var decrypted = decipher.update(encrypted, 'hex', 'utf8') + decipher.final('utf8');
assert.equal(decrypted, text);