2

I'm trying to encrypt my data in mongodb. I'm using mongoose-encryption plugin, but i have an error like this :

"throw new Error('must provide either options.secret or both options.encryptionKey and options.signingKey');"

here's my code:

var UserSchema = new mongoose.Schema({
  profile: ProfileSchema,
  timeStamp: Date,
  created: Date,
  email: {
    type: String,
    sparse: true
  },
  username: {
    type: String,
  },
  password: {
    type: String,
  }
})

var encKey = process.env.SOME_32BYTE_BASE64_STRING
var sigKey = process.env.SOME_64BYTE_BASE64_STRING

UserSchema.plugin(encrypt, { encryptionKey: encKey, signingKey: sigKey , encryptedFields: ['email']})

so, what i'm missing in my code? i have no idea with this error. because i just following steps in here but failed. i'm new in node and mongoose. please help me... thanks anyway...

Improve this question
1
  • i notice its because of this line: var encKey = process.env.SOME_32BYTE_BASE64_STRING var sigKey = process.env.SOME_64BYTE_BASE64_STRING if i try to change the variable encKey and signKey : var encKey = 'a2V5YWxpYXNpc3RoZWJlc3R3b3cqweda' var sigKey = 'a2V5YWxpYXNpc3RoZWJlc3R3b3cqwedaa2V5YWxpYXNpc3RoZWJlc3R3b3cqweda' that error is gone, but it return error : "Error: options.encryptionKey must be a a 32 byte base64 string" this make me confused because that encKey is already 32 Byte. any suggestion? Commented Mar 29, 2016 at 12:18

11 Answers 11

Reset to default
4

Your original error is because process.env.SOME_32BYTE_BASE64_STRING and process.env.SOME_64BYTE_BASE64_STRING is not set.

Your second error is because var encKey = 'a2V5YWxpYXNpc3RoZWJlc3R3b3cqweda' and var sigKey = 'a2V5YWxpYXNpc3RoZWJlc3R3b3cqwedaa2V5YWxpYXNpc3RoZWJlc3R3b3cqweda'

is not valid 32BYTE_BASE64_STRING and 64BYTE_BASE64_STRING respectively.

To generate valid strings, you can use crypto module:

//32 bytes
require('crypto').randomBytes(32, function(err, buffer) {
    var token = buffer.toString('base64');
});

//64 bytes
require('crypto').randomBytes(64, function(err, buffer) {
    var token = buffer.toString('base64');
});
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

This error occurs because you haven't installed the .env package of npm. you should first install the dotenv package and require it in your app.js at the beginning

  1. npm install dotenv
  2. require('dotenv').config();

Now you can custom keys in your .env file.

E.g

require("dotenv").config();
const { ApolloServer, gql } = require("apollo-server");
Improve this answer

Comments

0

Nothing but your javascript file should be presented along with .env file you create.

This worked for me.

Improve this answer

Comments

0

For local testing (do not commit to git), you need to pass in a variable:

var encKey = "Thisisa32bytebasestring";
var sigKey = "Thisisa64bytebasestring";

For remote commit, you need to pass a String variable for SOME_32BYTE_BASE64_STRING and SOME_32BYTE_BASE64_STRING in the .env file:

var encKey = process.env.SOME_32BYTE_BASE64_STRING
var sigKey = process.env.SOME_64BYTE_BASE64_STRING

You .env file should contain:

SOME_32BYTE_BASE64_STRING=Thisisa32bytebasestring
SOME_64BYTE_BASE64_STRING=Thisisa64bytebasestring
Improve this answer

Comments

0

This error occurs because you havent installed .env package of npm. you should first install the dotenv package and require it in your app.js at the beginning

  1. npm install dotenv // in terminal
  2. require('dotenv').config(); // top of app.js
Improve this answer

Comments

0

  1. Install dotenv via npm :-

    npm i dotenv

  2. Require it in .js file :-

    require('dotenv').config();

  3. create .env file in your project folder:-

  4. Paste below text in .env file:-

    SOME_LONG_UNGUESSABLE_STRING=Thisisa32bytebasestring

  5. write below code in .js file above mongoose.model() and eplace encryptingItem with your item :-

    var secret = process.env.SOME_LONG_UNGUESSABLE_STRING;
userSchema.plugin(encrypt, { secret: secret ,  encryptedFields: ['encryptingItem']});
Improve this answer

Comments

0

check your required name variables: like: It should be exactly like this:

const encrypt = require("mongoose-encryption");

So that it matches with the name:

userSchema.plugin(encrypt, { secret: secret });

Your const encrypt name should match userSchema.plugin(encrypt, {}..) here I hope it was helpful.

Improve this answer

Comments

0

You can use a variable called secret = "set it to any string you want" then you can add {secret:secret} to your UserSchema.plugin();

You can find this in the mongoose-encryption package docs

Improve this answer

Comments

0

In your .env file, ensure that the values of SOME_32BYTE_BASE64_STRING and SOME_64BYTE_BASE64_STRING are enclosed inside a ""

For example:

SOME_32BYTE_BASE64_STRING="ThisIsMyLittlesecret"
Improve this answer

Comments

0

First you delete last 3 line then go with this

const userSchema = new mongoose.Schema({
  email: String,
  password: String,
});

const secret = "ILoveMyCountryVeryMuch";
userSchema.plugin(encrypt, { secret: secret, encryptedFields: ['password'] });

const User = mongoose. Model("User", userSchema);

You can encrypt by using this code.

Improve this answer

Comments

0

In My case i was using ES6 version meaning when i was using import statement to import module which i think is not compatible with This mongoose-encryption when i turned everything to a format like

require()

everything just worked fine . And one more thing use it at the top of your .js file.

Improve this answer

1 Comment

Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.