From c7d4266035ecbe7d31f4523024404e71f7ba0b99 Mon Sep 17 00:00:00 2001 From: Red-Asuka Date: Mon, 25 Nov 2024 16:49:33 +0800 Subject: [PATCH] feat(database): integrate encryption for storage and secure API key in settings schema --- apps/web/src/database/index.ts | 9 ++++++++- apps/web/src/database/schemas/Settings.schema.ts | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/apps/web/src/database/index.ts b/apps/web/src/database/index.ts index 921e3276b..dc32ef681 100644 --- a/apps/web/src/database/index.ts +++ b/apps/web/src/database/index.ts @@ -9,6 +9,7 @@ import settingsSchema from './schemas/Settings.schema' // import modules import { disableWarnings, RxDBDevModePlugin } from 'rxdb/plugins/dev-mode' +import { wrappedKeyEncryptionCryptoJsStorage } from 'rxdb/plugins/encryption-crypto-js' import { RxDBLeaderElectionPlugin } from 'rxdb/plugins/leader-election' import { RxDBUpdatePlugin } from 'rxdb/plugins/update' import { wrappedValidateAjvStorage } from 'rxdb/plugins/validate-ajv' @@ -29,11 +30,17 @@ export function useDatabase(): RxMqttxDatabase { } export async function createDatabase(): Promise { + // wrap the normal storage with the encryption plugin + const encryptedDexieStorage = wrappedKeyEncryptionCryptoJsStorage({ + storage: getRxStorageDexie(), + }) + const db = await createRxDatabase({ name: 'mqttx', storage: wrappedValidateAjvStorage({ - storage: getRxStorageDexie(), + storage: encryptedDexieStorage, }), + password: 'EBJ3cru8fun5gtw*tky', eventReduce: true, }) diff --git a/apps/web/src/database/schemas/Settings.schema.ts b/apps/web/src/database/schemas/Settings.schema.ts index 2a05e2895..aa090d428 100644 --- a/apps/web/src/database/schemas/Settings.schema.ts +++ b/apps/web/src/database/schemas/Settings.schema.ts @@ -82,6 +82,7 @@ const settingsSchema: RxJsonSchema = { }, }, required: ['id'], + encrypted: ['openAIAPIKey'], } export default settingsSchema