Sereno is not still functional
A RESTful key wallet extension of passport
Sereno is intended to extend passport's functionality, in order to include a key wallet giving access to encrypted data to authenticated users, while keeping this data as safe as possible.
https://github.com/chengxianga2008/node-cryptojs-aes
The archetypal use-case is an unified mail inbox, where some user will need to keep a list of all the users and passwords associated to his personal addresses. Those passwords have to be kept safe, but the original information should be retrievable.
A detailed explanation can be found here
Typically
{
plain-text: {_id: String, name: String},
secured: {service: Url, user: String, key: String}
}
Please, note that the service Url has to be secured too, since a manipulation in that field could be used to make the server transfer the credentials to a wrong receiver.
The algorithm used to encrypt this information will be AES.
Please, report any problem you can think of about this strategy
For common use-cases refer to the how-to
- 0.0.2 Sereno can now encrypt and decrypt with a sessionless LocalStrategy
- 0.0.1 Initial release
- Luis Sieira
- Jared Hanson
- From whom the code in ./lib/utils.js has been taken
Copyright [2015] [Luis Sieira Garcia]
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.