58 lines
1.8 KiB
R
58 lines
1.8 KiB
R
# based on https://github.com/datastorm-open/shinymanager/
|
|
|
|
|
|
#' @export
|
|
write_db_encrypt <- function(conn, value, name, passphrase = Sys.getenv("AUTH_DB_KEY")) {
|
|
if (is.character(conn)) {
|
|
conn <- DBI::dbConnect(RSQLite::SQLite(), dbname = conn)
|
|
on.exit(DBI::dbDisconnect(conn))
|
|
}
|
|
|
|
if (name == "credentials" && "password" %in% colnames(value)) {
|
|
if (!"is_hashed_password" %in% colnames(value)) {
|
|
value$is_hashed_password <- FALSE
|
|
}
|
|
to_hash <- which(!as.logical(value$is_hashed_password))
|
|
if (length(to_hash) > 0) {
|
|
# store hashed password
|
|
value$password[to_hash] <- sapply(value$password[to_hash], function(x) scrypt::hashPassword(x))
|
|
value$is_hashed_password[to_hash] <- TRUE
|
|
}
|
|
}
|
|
|
|
if (!is.null(passphrase)) {
|
|
passphrase <- as.character(passphrase)
|
|
passphrase <- charToRaw(passphrase)
|
|
key <- openssl::sha256(passphrase)
|
|
value_serialized <- serialize(value, NULL)
|
|
value_encrypted <- openssl::aes_cbc_encrypt(data = value_serialized, key = key)
|
|
value <- data.frame(value = I(list(value_encrypted)), iv = I(list(attr(value_encrypted, "iv"))))
|
|
}
|
|
|
|
DBI::dbWriteTable(conn = conn, name = name, value = value, overwrite = TRUE)
|
|
}
|
|
|
|
|
|
#' @export
|
|
read_db_encrypt <- function(conn, name, passphrase = Sys.getenv("AUTH_DB_KEY")) {
|
|
|
|
if (is.character(conn)) {
|
|
conn <- DBI::dbConnect(RSQLite::SQLite(), dbname = conn)
|
|
on.exit(DBI::dbDisconnect(conn))
|
|
}
|
|
|
|
out <- DBI::dbReadTable(conn = conn, name = name)
|
|
|
|
if (!is.null(passphrase)) {
|
|
passphrase <- as.character(passphrase)
|
|
passphrase <- charToRaw(passphrase)
|
|
key <- openssl::sha256(passphrase)
|
|
value <- out$value[[1]]
|
|
attr(value, "iv") <- out$iv[[1]]
|
|
out <- openssl::aes_cbc_decrypt(value, key = key)
|
|
out <- unserialize(out)
|
|
}
|
|
|
|
return(out)
|
|
}
|