search

cheatcode / joystick

A full-stack JavaScript framework for building stable, easy-to-maintain apps and websites.
https://cheatcode.co/joystick
Other
209 stars 11 forks source link

Simple Data Encryption #376

Open rglover opened 5 months ago

rglover commented 5 months ago

This has come to mind a few times. Goal would be to offer a simple API that developers could use to encrypt data before storing and when retrieving. Something like this:

import { encrypt } from '@joystick.js/node';

const setters = {
  update_profile: {
    set: (input = {}, context = {}) => {
      return process.databases.mongodb.collection('users').updateOne({
        _id: context?.user?._id,
      }, {
        $set: {
          mailing_address: encrypt(input?.mailing_address),
        },
      });
    }
  }
};

export default setters;

Internally, encrypt() would pull from something like config.encryption_key in the env settings, or, you could optionally pass an encryption key on the fly. This would give full control over encryption to developers while helping to keep data more secure.