Last active November 13, 2022 11:32
Client Side Encryption in Rails
```erb
<div class="input-container">
  <%= f.password_field :password, placeholder: "Password", tabindex: "2", required: "required", data: { encrypt: true } %>
</div>
<div class="hidden" id="public_key" data-value="<%= sanitize @public_key %>"></div>
```
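```javascript
$(document).ready(function(){
  $('form').submit(function( event ) {
    var encrypt = new JSEncrypt();
    // Encrypt every field marked with data-encrypt before the form is sent
    $('[data-encrypt]').each(function(){
      var unencrypted = $(this);
      // Public key (PEM) rendered by the server into the hidden #public_key div
      encrypt.setKey($('#public_key').attr('data-value'));
      var encrypted = encrypt.encrypt(unencrypted.val());
      // encrypt() returns false on failure; the field then keeps its plaintext value
      if(encrypted) {
        unencrypted.val(encrypted);
      }
    });
  });
});
```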
```ruby
require 'openssl'
require 'json'

# Class RsaEncryptor provides Public Encryption/Decryption for the data
#
# @author Peiyush13 <piyushwww13@gmail.com>
#
class RsaEncryptor
  attr_reader :rsa_key, :public_key

  def initialize
    # 1024-bit RSA is below the commonly recommended minimum of 2048 bits;
    # a larger key also enlarges the serialized data kept in the session
    @rsa_key = OpenSSL::PKey::RSA.generate(1024)
    @public_key = @rsa_key.public_key.to_s
  end

  # serializes the data extracted for the key in order to use it in session
  # (the result includes the private key parameters)
  #
  # @return [String] JSON serialized data
  #
  def serialized_data
    params = {}
    rsa_key.params.each { |k, v| params[k] = v.to_s }
    params.to_json
  end

  # Rebuilds RSA key from serialized data
  # (set_key, set_factors and set_crt_params raise on OpenSSL 3.0, where keys are immutable)
  #
  # @param [String] serialized_key A serialized key
  #
  # @return [OpenSSL::PKey::RSA] An RSA key object
  #
  def self.build_key(serialized_key)
    rsa_key = OpenSSL::PKey::RSA.new(1024)
    rsa_key_params = JSON.parse(serialized_key)
    rsa_key_params.each { |k, v| rsa_key_params[k] = OpenSSL::BN.new(v) }
    rsa_key.set_key(rsa_key_params['n'], rsa_key_params['e'], rsa_key_params['d'])
    rsa_key.set_factors(rsa_key_params['p'], rsa_key_params['q'])
    rsa_key.set_crt_params(rsa_key_params['dmp1'], rsa_key_params['dmq1'], rsa_key_params['iqmp'])
    rsa_key
  end
end
```
```ruby
require 'base64'
require 'rsa_encryptor'

# Module SessionsHelper provides public key encryption/decryption for password
#
# @author Peiyush13 <piyushwww13@gmail.com>
#
module SessionsHelper
  # initializes public key used for password encryption
  #
  def generate_rsa_key
    rsa_key = RsaEncryptor.new
    # The session now holds the private key, so the session store must be
    # server-side or an encrypted cookie store (a signed-only cookie is readable by the client)
    session[:rsa_key] = rsa_key.serialized_data
    @public_key = rsa_key.public_key.to_s
  end

  # decrypts the password using private key
  #
  # @param [Array<String>] user_params_keys An array specifying user parameters to be decrypted
  #
  def authenticate_encryptor(user_params_keys)
    rsa_key = RsaEncryptor.build_key(session[:rsa_key])
    user_params_keys.each do |key|
      # Any failure (missing parameter, bad Base64, decryption error) yields an empty string
      request.params[:user][key] = rsa_key.private_decrypt(Base64.decode64(request.params[:user][key])) rescue ''
    end
  end
end
```
```ruby
class Users::SessionsController < Devise::SessionsController
  include SessionsHelper

  # before_filter / prepend_before_filter were removed in Rails 5.1;
  # newer versions use before_action / prepend_before_action
  before_filter :generate_rsa_key, only: [:new]
  # Prepended so the password is decrypted before Devise's own filters read it
  prepend_before_filter -> { authenticate_encryptor([:password]) }, only: [:create]

  def create
    # your own code
    super
  end

  def new
    # your own code
    super
  end
end
```
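An added example, not part of the original gist: the same session round trip as `RsaEncryptor`, but with the private key serialized as a single PEM string, which also works on OpenSSL 3.0, where `set_key`, `set_factors` and `set_crt_params` raise because keys are immutable. `PemRsaEncryptor`, `simulate_login_round_trip` and the 2048-bit key size are assumptions of this example, and `public_encrypt` stands in for JSEncrypt's PKCS#1 v1.5 encryption in the browser.

```ruby
require 'openssl'
require 'json'

# Hypothetical stand-in for the gist's RsaEncryptor: same role, but the private
# key travels through the session as one PEM string.
class PemRsaEncryptor
  KEY_BITS = 2048 # assumption: larger than the gist's 1024-bit key

  attr_reader :rsa_key

  def initialize(rsa_key = OpenSSL::PKey::RSA.generate(KEY_BITS))
    @rsa_key = rsa_key
  end

  # PEM public key, the value rendered into the hidden #public_key div
  def public_key
    rsa_key.public_key.to_pem
  end

  # Value to store in session[:rsa_key]; it contains the private key
  def serialized_data
    { 'pem' => rsa_key.to_pem }.to_json
  end

  # Rebuilds the key by parsing the PEM; no set_key/set_factors calls needed
  def self.build_key(serialized_key)
    new(OpenSSL::PKey::RSA.new(JSON.parse(serialized_key).fetch('pem')))
  end

  # Decrypts a Base64 PKCS#1 v1.5 ciphertext as posted by the form
  def decrypt(base64_ciphertext)
    rsa_key.private_decrypt(base64_ciphertext.to_s.unpack1('m'))
  end
end

# Constructed sample flow: key issued on GET, ciphertext returned on POST.
def simulate_login_round_trip(password)
  issued = PemRsaEncryptor.new
  session = { rsa_key: issued.serialized_data } # stand-in for the Rails session
  browser_key = OpenSSL::PKey::RSA.new(issued.public_key) # public half only
  posted = [browser_key.public_encrypt(password)].pack('m0') # Base64, no newlines
  PemRsaEncryptor.build_key(session[:rsa_key]).decrypt(posted)
end

puts simulate_login_round_trip('correct horse') if $PROGRAM_NAME == __FILE__
```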