wheresvic / mongoose-field-encryption

A simple symmetric encryption plugin for individual fields. Dependency free, only mongoose peer dependency.
MIT License

Object returned by save or create is cyphered #23

Closed eyp closed 6 years ago

eyp commented 6 years ago

If I have a field name marked as cyphered and I do:

new User(myUser).save().then((savedUser) => {
   // savedUser.name is cyphered
});

Shouldn't it be like when I do a find? Or must I do a find afterwards to be able to use the object?

wheresvic commented 6 years ago

Hi @eyp,

You can use the decrypt method as provided by the encryption plugin - see below for an example:

new User(myUser).save().then((savedUser) => {
   // decrypt the encrypted fields on the saved document
   savedUser.decryptFieldsSync();
});

where user is mongoose.model("User", UserSchema) and the UserSchema has the field encryption plugin set.

eyp commented 6 years ago

Thanks. I'm experiencing the same issue doing a find({my criteria}). Of course, if I loop over all the results and do a decryptFieldsSync(), the fields are decrypted. Is this the right way to do it?

wheresvic commented 6 years ago

@eyp - yes, you can loop through and decrypt the fields.

We can also consider providing an option for the plugin that would automatically decrypt them - would this be something useful for you?

eyp commented 6 years ago

Yes, I think it would be better to have an option. What I was looking for was something that made the insertion of ciphered fields transparent, and also the read from the database. So all I wanted was to have some fields ciphered in the database, not outside it.

vinczedani commented 6 years ago

The 'init' hook should decrypt your data. How are you finding the documents?

eyp commented 6 years ago

Just after doing MySchema.find({some criteria}) I need to decrypt the fields manually.

vinczedani commented 6 years ago

Dear @eyp,

Sorry for the long wait, but I only had time now to check on your issue. You were right, the find({ query }) did not decrypt the data as expected. I created a new pull request and a new test case to cover this. The fix and the test are now an open PR.

@wheresvic I think the expected behaviour is to have the data decrypted just like on findById and other find methods. So in my opinion, even though it is breaking the interface, it should not be a major version bump.

Cheers,
Daniel

wheresvic commented 6 years ago

@eyp please try with latest release (2.1.1) :grin:

eyp commented 6 years ago

It's strange, now I'm on 2.1.1 and I still have to decrypt manually, doing:

myResults.forEach((myResult) => { myResult.decryptFieldsSync() })

after a regular find.

eyp commented 6 years ago

It's true that your test is working fine, so it should be working in my case as well. I'll revise my code to figure out what's happening.

eyp commented 6 years ago

So what's happening is that even if my version is 2.1.1 (updated with npm, of course), the file that is downloaded doesn't have the change you made to fix this error (line 207):

schema.pre("init", function(_next, _data) {

instead of

schema.post("init", function(_next, _data) {

eyp commented 6 years ago

Anyway, just realized you released 2.1.3 that has everything. So forget about it.
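
The behaviour discussed in this thread can be reproduced without mongoose: a hook that encrypts fields in place before the write leaves the caller's object ciphered unless a matching step decrypts it after the write and after each read. This is an added example, not code from the thread or from the plugin; `makeStore`, `encryptField`, `decryptField`, `demo` and the `decryptOnRead` option are hypothetical names, the key is constructed, and AES-256-GCM is an assumption chosen for this example rather than the plugin's own cipher.

```javascript
const crypto = require("crypto");

// Constructed demo key; real code loads the secret from a key store.
const KEY = crypto.createHash("sha256").update("constructed-demo-secret").digest();

// AES-256-GCM with a fresh IV per value; output is "iv:tag:ciphertext" in hex.
function encryptField(plain) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", KEY, iv);
  const ct = Buffer.concat([cipher.update(plain, "utf8"), cipher.final()]);
  return [iv, cipher.getAuthTag(), ct].map((b) => b.toString("hex")).join(":");
}

// Throws if the IV, tag or ciphertext was altered at rest.
function decryptField(blob) {
  const [iv, tag, ct] = blob.split(":").map((h) => Buffer.from(h, "hex"));
  const decipher = crypto.createDecipheriv("aes-256-gcm", KEY, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8");
}

// Hypothetical stand-in for a model with lifecycle hooks (not mongoose).
function makeStore({ fields, decryptOnRead }) {
  const rows = []; // what the database would hold
  const each = (doc, fn) => fields.forEach((f) => { doc[f] = fn(doc[f]); });
  return {
    rows,
    save(doc) {
      each(doc, encryptField);                    // before the write: encrypts the caller's object in place
      rows.push({ ...doc });                      // only ciphertext is stored
      if (decryptOnRead) each(doc, decryptField); // after the write: restore plaintext in memory
      return doc;
    },
    find(pred = () => true) {
      const docs = rows.filter(pred).map((r) => ({ ...r })); // hydrate copies
      if (decryptOnRead) docs.forEach((d) => each(d, decryptField)); // after hydration
      return docs;
    },
  };
}

// Save one document, read it back, and report what each layer sees.
function demo(decryptOnRead) {
  const store = makeStore({ fields: ["name"], decryptOnRead });
  const saved = store.save({ id: 1, name: "Alice" });
  const [found] = store.find((r) => r.id === 1);
  return { saved: saved.name, found: found.name, atRest: store.rows[0].name };
}
```

With `demo(false)` both the saved and the found document carry the ciphertext, which is the situation reported in this issue; with `demo(true)` callers see plaintext while `atRest` stays encrypted.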