Skip to content

🔑 A Sequelize plugin for easily integrating Hashicorp Vault

License

Notifications You must be signed in to change notification settings

linyows/sequelize-vault

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Sequelize Vault: A Sequelize plugin for easily integrating Hashicorp Vault.





Installation

$ npm install sequelize-vault

Usage

This package transparently encrypts and decrypts columns in _encrypted format using Hashicorp Vault.

Node.js:

const Sequelize = require('sequelize')
const SequelizeVault = require('sequelize-vault')

const s = new Sequelize({
  username: 'root',
  password: '',
  dialect: 'sqlite',
  database: 'test',
})
const User = s.define('user', {
  ssn_encrypted: Sequelize.STRING,
  ssn: Sequelize.VIRTUAL,
})

SequelizeVault.Vault.app = 'fooapp'
SequelizeVault.Vault.address = 'http://master-vault'
SequelizeVault.default(User)

const u = await User.create({ ssn: '123-45-6789' })
console.log(u.ssn_encrypted)
// vault:v0:EE3EV8P5hyo9h...

TypeScript:

import {Sequelize, Table, Column, Model} from 'sequelize-typescript'
import SequelizeVault, {Vault} from 'sequelize-vault'

const s = new Sequelize({
  username: 'root',
  password: '',
  dialect: 'sqlite',
  database: 'test',
})

@Table
class User extends Model<User> {
  @Column
  ssn_encrypted: string

  @Column(DataType.VIRTUAL)
  ssn: string
}

s.addModels([User])

Vault.app = 'fooapp'
Vault.address = 'http://master-vault'
SequlizeVault(User)
const u = await User.create({ ssn: '123-45-6789' })
console.log(u.ssn_encrypted)
// vault:v0:EE3EV8P5hyo9h...

Options

Key Value
enabled true or false(default)
app my-app
token abcd1234
address https://vault.example.com
suffix _encrypted
convergented true or false(default)
context Vault.app(default)
path v1/transit
timeout 3 * 60 * 1000
ua sequelize-vault/1.0.0 (+https://github....

Contribution

  1. Fork (https://github.com/linyows/sequelize-vault/fork)
  2. Create a feature branch
  3. Commit your changes
  4. Rebase your local changes against the master branch
  5. Run test suite with the npm ci command and confirm that it passes
  6. Create a new Pull Request

Author

linyows