Project

response_encryption

0.0
No commit activity in last 3 years
No release in over 3 years
response_encryptiondegzcs/response_encryptionHomepageDocumentationSource CodeBug TrackerWiki
Gem to encrypt the API response.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
4,516
Stars
1
Forks
0
Watchers
2
 Releases
Current version
0.1.1
Total releases
2
First release
2017-09-13
Latest release
2017-09-13
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2017-09-12
Reverse Dependencies
0

 Dependencies

Development

active_model_serializers
~> 0.10
bundler
~> 1.15
jsonapi-resources
~> 0.9
rake
~> 10.0
rspec-rails
~> 3.0
spirit_hands
~> 2.1
sqlite3
~> 1.3

Runtime

rails
~> 5.1
 Project Readme

ResponseEncryption

This gem can be used to encrypt the attributes of your rails application or then entired body. It can be integrated with jsonapi-resources, active-model-serializer or just with a normal Rails application.

Installation

Add this line to your application's Gemfile:

gem 'response_encryption'

And then execute:

$ bundle install

Or install it yourself as:

$ gem install response_encryption

Usage

JSON API resources

  • Install and configure the jsonapi-resource gem in your project
  • add an initializer with the ResponseEncryption config
ResponseEncryption.configure do |config|
  config.encryption_strategy = :encrypted_attributes
  config.serializer_gem = :jsonapi_resources
  config.algothim = 'AES'
  config.algorithm_key_length = '256'
  config.block_cipher_mode = 'CBC'
end
  • include the ResponseEncryption::ActsAsEncryptionController module into your ApplicationController and define a context method there, as follows:
class ApiController < ApplicationController
  include ResponseEncryption::ActsAsEncryptionController

  def context
    default_context.merge({
            encoded_symmetric_key: get_encoded_symmetric_key_from(database_or_file)
           })
  end
end
  • include the include ResponseEncryption::EncryptAttributes your XResource
  • add the fields that you want to encrypt as parameters in the your XResource
encrypted_attrs :field1, field2, ... , fieldn

Active model serializer

  • Install and configure the active_model_serializers gem in your project
  • add an initializer with the ResponseEncryption config
ResponseEncryption.configure do |config|
  config.encryption_strategy = :encrypted_attributes
  config.serializer_gem = :active_model_serializers
  config.algothim = 'AES'
  config.algorithm_key_length = '256'
  config.block_cipher_mode = 'CBC'
end
  • include the ResponseEncryption::ActsAsEncryptionController module into your ApplicationController
  • include the include ResponseEncryption::EncryptAttributes your XSerializer
  • add the fields that you want to encrypt as parameters in the your XSerializer
encrypted_attrs :field1, field2, ... , fieldn

TODO

  • explain ResponseEncryption config parameters
  • show examples
  • add encryption_strategy for encrypt_body
  • test other algorithms to encrypt
  • implement responses without any serializer

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/response_encryption. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.

License

The gem is available as open source under the terms of the MIT License.

Code of Conduct

Everyone interacting in the ResponseEncryption project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.