Getting started with Node.js, Sequelize, and CipherStash
This guide will step you through adding CipherStash to your Node.js-based JavaScript application using Sequelize.
By the end of this guide, you will have:
- Encrypted sensitive data inside your existing database
- Queried that encrypted data
The steps you’ll go through are:
- Define which database columns should be encrypted
- Encrypt the sensitive data
- Query the newly encrypted data
Before you start
You’ll need to install some tools:
This tutorial takes you through adding CipherStash to an existing JavaScript application using PostgreSQL and Sequelize.
Start by cloning the repo and installing dependencies:
git clone https://github.com/cipherstash/cipherstash-sequelize-demo-app
cd cipherstash-sequelize-demo-app
npm install
Create the database, run migrations, and seed the database with dummy patient data:
npx sequelize-cli db:create
npx sequelize-cli db:migrate
npx sequelize-cli db:seed:all
Install the CipherStash CLI
The CipherStash CLI is used to manage your encryption schema.
The encryption schema defines what encrypted indexes exist, and what queries you can perform on those indexes.
On macOS
Install via Homebrew:
brew install cipherstash/tap/stash
If macOS asks you whether you are sure you want to open “stash”, please select “Open”.
On Linux
Download the binary for your platform:
- Make the binary executable:
# on x86_64 chmod +x $path_to/stash-x86_64-unknown-linux-gnu # on ARM64 chmod +x $path_to/stash-aarch64-unknown-linux-gnu
- Rename the binary:
# on x86_64 mv stash-x86_64-unknown-linux-gnu stash # on ARM64 mv stash-aarch64-unknown-linux-gnu stash
- Place the binary on your
$PATH
, so you can run it.
Sign up
You can start your signup from the CLI:
stash signup
Your browser will open to https://cipherstash.com/signup/stash-cli where you can sign up with either your GitHub account, or a standalone email.
Install the CipherStash database driver
The CipherStash database driver transparently maps SQL statements to encrypted database columns.
It is installed by overriding the pg-native
package with the drop in replacement @cipherstash/pg-native
.
Under the hood @cipherstash/pg-native
uses the package @cipherstash/libpq
which contains the CipherStash PostgreSQL driver.
To install them both, first install @cipherstash/libpq
:
npm add @cipherstash/libpq
And then @cipherstash/pg-native
using an npm alias:
npm add pg-native@npm:@cipherstash/pg-native