Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Encrypting the client side local storage data using Angularjs

I have a client side data storing in the localStorage. For security reasons i want to encrypt the data. Is there any way to encrypt/decrypt the client data(not server data) using Angularjs?

$scope.accountObj = {
        isErrorMsg:false,
        isReadonly:false,
        createAccountErr:false        
    }; 
like image 847
vishnu Avatar asked Mar 02 '16 06:03

vishnu


People also ask

How do I protect my local storage data?

serving all content (when online) from a single trusted server over ssl. validating all data going to and from local storage on the server using owasp antisamy project. in the network section of the appcache, not using *, and instead listing only the URIs required for connection with the trusted server.

Is angular local storage secure?

How Secure is Local Storage? When using local storage in Angular, the rule of thumb is to not store anything sensitive. Anything you store in local storage can be accessed by code in your browser. It's ok to store JSON web tokens since they're already encrypted.


1 Answers

You could use cryptojs library for encrypting/decrypting your data. First you should generate some key to use in encryption process:

 var secretKey = 'your-secret-key';

Then you need method to store and claim data:

store : function (key, value) {
    var encryptedData = CryptoJS.AES.encrypt(angular.toJson(value), secretKey).toString();
    window.localStorage.setItem(key, encryptedData);
},

get : function (key) {
    var encryptedData = window.localStorage.getItem(key);

    if (!_.isNull(encryptedData))
        return angular.fromJson(CryptoJS.AES.decrypt(encryptedValue, secretKey).toString(CryptoJS.enc.Utf8));

    return null;
}

The only problem here is that secret key is stored on the client side and it's kind of breaking logics of such encryptions.

like image 150
xSaber Avatar answered Oct 02 '22 06:10

xSaber