feat: encrypt the value before storing if a secretKey was specified

dist/index.d.ts

@@ -6,6 +6,7 @@ export declare class Webstorable {
 }
 export declare let WEBSTORAGE_CONFIG: {
     prefix: string;
+    secretKey: string;
 };
 export declare class WebStorageModule {
 }

dist/utility/webstorage.utility.d.ts

@@ -5,4 +5,6 @@ export declare class WebStorageUtility {
     static remove(storage: Storage, key: string): void;
     private static getSettable(value);
     private static getGettable(value);
+    private static encrypt(value, password);
+    private static decrypt(value, password);
 }

package.json

@@ -37,5 +37,9 @@
     "tslint": "^3.15.1",
     "typescript": "^2.2.1",
     "zone.js": "^0.7.2"
+  },
+  "dependencies": {
+    "@types/crypto-js": "^3.1.33",
+    "crypto-js": "^3.1.9-1"
   }
 }

src/index.ts

@@ -8,7 +8,8 @@ export declare class Webstorable {
     save(): void;
 }
 export let WEBSTORAGE_CONFIG = {
-    prefix: 'angular2ws_'
+    prefix: 'angular2ws_',
+    secretKey: ''
 };
 
 @NgModule({

src/utility/webstorage.utility.ts

@@ -1,22 +1,30 @@
 import {WEBSTORAGE_CONFIG} from '../index';
+import * as CryptoJS from 'crypto-js';
 
 export class WebStorageUtility {
     static generateStorageKey(key: string): string {
-        return `${WEBSTORAGE_CONFIG.prefix}${key}`
+        if (WEBSTORAGE_CONFIG.secretKey) {
+            return `${WEBSTORAGE_CONFIG.prefix}enc_${key}`;
+        }
+        return `${WEBSTORAGE_CONFIG.prefix}${key}`;
     }
 
     static get(storage: Storage, key: string): any {
-        let storageKey = WebStorageUtility.generateStorageKey(key);
-
+        const storageKey = WebStorageUtility.generateStorageKey(key);
         let value = storage.getItem(storageKey);
-
+        if (WEBSTORAGE_CONFIG.secretKey && value !== null) {
+            value = this.decrypt(value, WEBSTORAGE_CONFIG.secretKey) || '';
+        }
         return WebStorageUtility.getGettable(value);
     }
 
     static set(storage: Storage, key: string, value: any): void {
-        let storageKey = WebStorageUtility.generateStorageKey(key);
-
-        storage.setItem(storageKey, WebStorageUtility.getSettable(value));
+        const storageKey = WebStorageUtility.generateStorageKey(key);
+        let strValue = WebStorageUtility.getSettable(value);
+        if (WEBSTORAGE_CONFIG.secretKey) {
+            strValue = this.encrypt(strValue, WEBSTORAGE_CONFIG.secretKey);
+        }
+        storage.setItem(storageKey, strValue);
     }
 
     static remove(storage: Storage, key: string): void {
@@ -37,4 +45,24 @@ export class WebStorageUtility {
             return value;
         }
     }
+
+    private static encrypt(value: string, password: string): string {
+        // Prepend sha256(value) to the value, we can use it to verify the decrypted result.
+        const newValue = CryptoJS.SHA256(value).toString() + value;
+        return CryptoJS.AES.encrypt(newValue, password).toString();
+    }
+
+    // Returns null if the password was incorrect.
+    private static decrypt(value: string, password: string): string {
+        const decrypted = CryptoJS.AES.decrypt(value, password).toString(CryptoJS.enc.Utf8);
+        if (decrypted.length < 64) {
+            return null;
+        }
+        const sha256 = decrypted.substr(0, 64);
+        const realValue = decrypted.substr(64);
+        if (CryptoJS.SHA256(realValue).toString() !== sha256) {
+            return null;
+        }
+        return realValue;
+    }
 }