I have a client side data storing in the localStorage. For security reasons i want to encrypt the data. Is there any way to encrypt/decrypt the client data(not server data) using Angularjs?
$scope.accountObj = {
isErrorMsg:false,
isReadonly:false,
createAccountErr:false
};
serving all content (when online) from a single trusted server over ssl. validating all data going to and from local storage on the server using owasp antisamy project. in the network section of the appcache, not using *, and instead listing only the URIs required for connection with the trusted server.
How Secure is Local Storage? When using local storage in Angular, the rule of thumb is to not store anything sensitive. Anything you store in local storage can be accessed by code in your browser. It's ok to store JSON web tokens since they're already encrypted.
You could use cryptojs library for encrypting/decrypting your data. First you should generate some key to use in encryption process:
var secretKey = 'your-secret-key';
Then you need method to store and claim data:
store : function (key, value) {
var encryptedData = CryptoJS.AES.encrypt(angular.toJson(value), secretKey).toString();
window.localStorage.setItem(key, encryptedData);
},
get : function (key) {
var encryptedData = window.localStorage.getItem(key);
if (!_.isNull(encryptedData))
return angular.fromJson(CryptoJS.AES.decrypt(encryptedValue, secretKey).toString(CryptoJS.enc.Utf8));
return null;
}
The only problem here is that secret key is stored on the client side and it's kind of breaking logics of such encryptions.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With