A wrapper around 'localStorage/sessionStorage' to provide storage encryption with libsodium
$ npm install secret-local-storage
const { keygen } = require('secret-local-storage/keygen')
const secretKey = keygen()
const secretStorage = require('secret-local-storage')(secretKey) // will generate key by default
secretStorage.setItem('someKey', 'some secret value')
console.log(secretStorage.getItem('someKey')) // some secret value
console.log(localStorage.getItem('someKey')) // 5J3nmcMCcABSwJN
const secretStorage = require('secret-local-storage')('3e852b5d881b22261b8e417e217a9fa9757f4532305c4e46e2a6966aa89840f6')
localStorage.setItem('hello', 'world')
console.log(secretStorage.getItem('hello')); // outputs 'hello'
secretStorage.setItem('hello', 'world')
console.log(localStorage.getItem('hello')); // should be encrypted
The SecretLocalStorage
class implements the same API as the Storage
API.
const secretStorage = require('secret-local-storage')(secretKey, opts)
Create a secret storage instance with an optional secret key and options where:
secretKey
is a 32-byte buffer or 64 character 'hex' encoded string. The
encoding of the secret key can be specified with opts.secretKeyEncoding
.
If you do not supply a secret key, then one will be generated for you. This
should be saved and re-used to read the encrypted values.
opts
is an optional object to configure the storage where:
opts.secretKeyEncoding
is the encoding of the secret keyopts.valueEncoding
is an object containing encode(value)
and
decode(buffer)
functions.opts.storage
can be Storage interface or a function that
returns one.opts.seed
is an optionl seed value to generate the secret key that
should be 32 bytessecretKey.secretKey
A 32 byte secret key used for encryption and child key derivation.
secretStorage.storage
The Storage interface backing the SecretLocalStorage
instance.
secretKey.valueEncoding
The value encoding used for encoding and ecoding value written to storage.
secretKey.valueEncoding.encode(value)
Encodes value
into a Buffer
secretKey.valueEncoding.decode(buffer)
Decodes buffer
into a value. Most likely, a string.
secretStorage.key(n)
The same API as Storage.key().
secretStorage.getItem(key)
The same API as Storage.getItem(). If decryption fails, this function will return the original value found in storage.
secretStorage.setItem(key)
The same API as Storage.setItem().
secretStorage.removeItem(key)
The same API as Storage.removeItem().
secretStorage.clear(key)
The same API as Storage.clear().
MIT