Javascript 如何在 Angular 6 中加密和解密
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/53478860/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to Encrypt and Decrypt in Angular 6
提问by lpd
Login Response
登录响应
{ code: 200, id: 4, msg: "success", user: "Sourav" }
{代码:200,id:4,味精:“成功”,用户:“Sourav”}
I have a issue like i want to store id and user in Local Storage as Encrypted format.How can i do it using Angular 6?
我有一个问题,比如我想将 id 和用户以加密格式存储在本地存储中。我如何使用 Angular 6 来做到这一点?
回答by Suresh Kumar Ariya
In one our project, we have used 'crypto-js' library. http://github.com/brix/crypto-js
在我们的一个项目中,我们使用了“crypto-js”库。http://github.com/brix/crypto-js
import * as CryptoJS from 'crypto-js';
encryptData(data) {
try {
return CryptoJS.AES.encrypt(JSON.stringify(data), this.encryptSecretKey).toString();
} catch (e) {
console.log(e);
}
}
decryptData(data) {
try {
const bytes = CryptoJS.AES.decrypt(data, this.encryptSecretKey);
if (bytes.toString()) {
return JSON.parse(bytes.toString(CryptoJS.enc.Utf8));
}
return data;
} catch (e) {
console.log(e);
}
}
回答by Guerric P
The technical solution for encrypting things on client side is probably to use some third party library. Quoting such libraries leads to opinionated answers and that's not very desirable here.
在客户端加密东西的技术解决方案可能是使用一些第三方库。引用这样的库会导致自以为是的答案,这在这里不是很可取。
However, if the use case is to hide some backend data from the user (which seems to be the case when I read your question), it makes no sense to encrypt, since the key would be either stored in JavaScript code or sent through network. In both cases it's impossible to obfuscate.
但是,如果用例是向用户隐藏一些后端数据(当我阅读您的问题时似乎是这种情况),则加密没有意义,因为密钥将存储在 JavaScript 代码中或通过网络发送. 在这两种情况下,都无法混淆。
Some examples of valid use cases for client-side encryption:
客户端加密的一些有效用例示例:
- Allow the user to encrypt things with a key they own.
- Use some public key to encrypt a message for a system that owns the corresponding private key
- ...
- 允许用户使用他们拥有的密钥加密事物。
- 使用一些公钥为拥有相应私钥的系统加密消息
- ...
回答by Amaresh C.
Though it's not perfect, window.btoa()will provide basic base-64encoding, to avoid everyone reading the user data. This could be your quickest solution. As encryption on the client side is not secured, because everything that comes to the browser can be seen by the end user (Your code or Ajax call, etc), even your encryption key.
虽然它并不完美,但window.btoa()会提供基本的base-64编码,以避免每个人都读取用户数据。这可能是您最快的解决方案。由于客户端的加密是不安全的,因为最终用户可以看到浏览器的所有内容(您的代码或 Ajax 调用等),甚至是您的加密密钥。
回答by holydragon
回答by Pramod KP
You can also use secure-ls. No need to maintain the decryption key at client side.
您也可以使用secure-ls。无需在客户端维护解密密钥。
import * as SecureLS from 'secure-ls';
export class StorageService {
private _ls = new SecureLS({ encodingType: 'aes' });
constructor() {
}
set(key: string, value: any, expired: number = 0) {
this._ls.set(key, value);
}
remove(key: string) {
this._ls.remove(key);
}
get(key: string) {
return this._ls.get(key);
}
clear() {
this._ls.removeAll();
}
}
