npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

url-crypt

v1.2.1

Published

json -> compressed encrypted url-safe base64 strings.

Downloads

526

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

valletteavallettea

Keywords

base64cryptcompressurlsafeverificationregistrationencryptdecrypt

Readme

url-crypt

This module was written by Michael J Cole who removed it for I don't know what reason.

json -> compressed encrypted url-safe base64 strings.

In a nutshell:

Take a javascript object.

  • convert it to json
  • gzip the json
  • encrypt the gzip
  • convert encrypted to url-safe base64 string

and back again.

Why?

Inspired by this great article

You can send someone encrypted data. If they don't have the key, they can't tamper with it.

When they give it back you can decrypt it.

Skip the database for email verification. See example server below.

Use

npm install url-crypt

then:

var urlCrypt = require('url-crypt')('~{ry*I)==yU/]9<7DPk!Hj"R#:-/Z7(hTBnlRS=4CXF');

// Get some data
var data = { hello: 'world', this: 'is a test', of: 'url-crypt' };

// Encrypt your data
var base64 = urlCrypt.cryptObj(data);

// Give it to someone.  It's encrypted so they can't tamper with it
// You weren't lazy about your app key were you?

// Get it back
var backAgain = urlCrypt.decryptObj(base64);

// Expectations
// expect(backAgain).to.eql(data);

Caveats

  • URL's should be < 2000 characters. Keep it simple.
  • This library uses Node.js v0.12.0 for the sync zlib functions. Patches welcome to make it work with older versions.

Example: database-less email verification.

It's not necessary to store email verification data in the database. The verification link is information you gave the user through their email.

You only need to verify the information is untampered with, and not faked.

You can do this by encrypting information into the verification link. url-crypt is a Node.js package that facilitates this.

Below is a database-less email verification server.

  1. Paste the code below into example.js
  2. npm install express url-crypt
  3. node example.js
'use strict';

/**
 * A simple database less email verificaiton server
 *
 *   node example.js 
 */

var port = 9876;

var express = require('express');
var app = express();

// Initialize with a 43 char base64 password.  Google 'password generator'
var urlCrypt = require('url-crypt')('~{ry*I)44==yU/]9<7DPk!Hj"R#:-/Z7(hTBnlRS=4CXF');
var router = require('express').Router();

/** 
 * Send email verification link
 */
router.get('/emailLink/:email', function(req, res, next) {
  // Encrypt your data
  var payload = {
    email: req.params.email.toString(),
    date: new Date(),
    ip: req.ip,
  };
  var base64 = urlCrypt.cryptObj(payload);

  // make a link
  var registrationUrl = 'http://' + req.headers.host + '/register/checkLink/' + base64;

  // Send it by email
  var message = {
    message: {
      to: [{email: payload.email}],
      from_email: '[email protected]',
      subject: 'Emailification of Your Account',
      text: 'Paste the url below into your browser to Emailify!  ' + registrationUrl,
      html: '<a href="'+registrationUrl+'">Emailify now!</a>'
    }
  };
  /*
  var mandrill = require('node-mandrill')(config.mandrill.key);
  mandrill('/messages/send', {
    message: message
  }, function(error, response) {
    if (error) {
      console.log( JSON.stringify(error) );
      next(error);
    }
    return res.send('Email sent!');
  });
  */
 
  // Or just print to console.
  console.log('');
  console.log('*** /register/emailLink/:email ********************************************');
  console.log(message);
  return res.send('Link printed!  Click it!');
});

/** 
 * Given a link, validate it
 */
router.get('/checkLink/:base64', function(req, res) {

  var payload;

  try {
    payload =  urlCrypt.decryptObj(req.params.base64);
  } catch(e) {
    // The link was mangled or tampered with.  
    return res.status(400).send('Bad request.  Please check the link.');
  }

  // Payload was encrypted, so couldn't have been modified
  // Only people you gave it to can give it back.
  // If you emailed it to payload.email, then it's verified.
  // You can cross-check the payload.ip with req.ip
  // You can use payload.date to expire the verification

  console.log('');
  console.log('*** /register/checkLink/:base64 ********************************************');
  console.log('You are verified: ' + payload.email);
  console.log(payload);
  return res.send('You are verified!  Secret data you sent:' + JSON.stringify(payload));
});

app.use('/register', router);
app.listen(port); 
console.log('Emailification at http://localhost:' + port);
console.log('');
console.log('Try http://localhost:' + port + '/register/emailLink/[email protected]');

Tests

npm install && npm test

Options and parameters.

See index.js for parameters and explanation of the code.