diff options
| -rw-r--r-- | lib/crypt.js | 19 | ||||
| -rw-r--r-- | models/Note.js | 30 | ||||
| -rw-r--r-- | pages/api/note/[id].js | 5 | ||||
| -rw-r--r-- | pages/api/notes.js | 2 |
4 files changed, 52 insertions, 4 deletions
diff --git a/lib/crypt.js b/lib/crypt.js new file mode 100644 index 0000000..4037c28 --- /dev/null +++ b/lib/crypt.js @@ -0,0 +1,19 @@ +const crypto = require('crypto') +const algorithm = 'aes-256-ctr' +const secretKey = 'QZmGk0WwHMIhDaIsgSqwdnrPjPM3VwN1' + +export const encrypt = (text) => { + const iv = crypto.randomBytes(16) + const cipher = crypto.createCipheriv(algorithm, secretKey, iv) + const encrypted = Buffer.concat([cipher.update(text), cipher.final()]) + + return iv.toString('hex') + '::' + encrypted.toString('hex') +} + +export const decrypt = (hash) => { + const [iv, content] = hash.split('::') + const decipher = crypto.createDecipheriv(algorithm, secretKey, Buffer.from(iv, 'hex')) + const decrpyted = Buffer.concat([decipher.update(Buffer.from(content, 'hex')), decipher.final()]) + + return decrpyted.toString(); +} diff --git a/models/Note.js b/models/Note.js index 1790c91..3f94e62 100644 --- a/models/Note.js +++ b/models/Note.js @@ -1,8 +1,36 @@ +const {encrypt, decrypt} = require('lib/crypt') const mongoose = require('mongoose') const noteSchema = new mongoose.Schema({ content: {type: String, required: true, minlength: 1}, -}); +}) + +noteSchema.statics.getNote = async (id) => { + const note = await Note.findById(id) + if (!note) throw new Error('Could not fetch note') + + const content = decrypt(note.content) + + return {...note, content} +} + +noteSchema.statics.updateNote = async (id, content) => { + const note = await Note.findByIdAndUpdate(id, {content: encrypt(content)}, {new: true}) + + if (!note) throw new Error('Could not update note') + + return {...note, content} +} + +noteSchema.pre('save', async function(next){ + const note = this; + + if (note.isModified('content')) { + note.content = await encrypt(note.content) + } + + next() +}) const Note = mongoose.models.Note || mongoose.model('Note', noteSchema) diff --git a/pages/api/note/[id].js b/pages/api/note/[id].js index 8ba3b70..46278c8 100644 --- a/pages/api/note/[id].js +++ b/pages/api/note/[id].js @@ -3,7 +3,7 @@ import withSession from 'lib/withSession' import Note from 'models/Note' export default withSession(async (req, res) => { - const { id } = req.query + const {id} = req.query await dbConnect() switch (req.method) { @@ -15,7 +15,7 @@ export default withSession(async (req, res) => { throw new Error('Something went wrong') } - const note = await Note.findById(id) + const note = await Note.getNote(id) if (!note) { throw new Error('Something went wrong') @@ -23,6 +23,7 @@ export default withSession(async (req, res) => { res.status(200).json(note) } catch (error) { + console.log(error) res.status(400).json({error: true}) } break diff --git a/pages/api/notes.js b/pages/api/notes.js index 73a7217..dd31c6f 100644 --- a/pages/api/notes.js +++ b/pages/api/notes.js @@ -78,7 +78,7 @@ export default withSession(async (req, res) => { throw new Error('Something went wrong') } - await Note.findByIdAndUpdate(noteId, {content}, {new: true}) + await Note.updateNote(noteId, content) const notes = await NoteList.findOneAndUpdate( { _id: user.noteList, "notes.noteId": noteId }, |