I am developing a chat app application using React native. As a database, I also want to include mysql in my secure messaging project. For this, end-to-end encryption is required. Can you give me an idea of how to do it?
You can use something like: https://www.npmjs.com/package/hybrid-crypto-js for your encryption and decryption. And in order to achieve real time chatting you can use https://socket.io/ You shouldn't store private keys in your database, these should be kept secret on each device, say in AsyncStorage in case of react native. Messages should be stored on the device (like whatsapp) or encrypted in your database.
My advice is try each package on its own then integrate them together, you can start by implementing a basic chat using socket.io then try to encrypt and decrypt the messages. Follow this article for details: https://dev.to/kris/buiding-chat-app-with-react-native-and-socket-io-4p8l
Related
I've recently begun developing with NodeJS and ElectronJS to create some pretty nifty cross platform software. I want to take it a step further and integrate some database functionality.
While I'm aware that there are mysql packages available to install, I cringe at the idea that anybody can just unpack my asar.app file and see all of the connection details, including username, password, database name, table name, and other sensitive content that you really don't want to expose to people clever enough to break into your app's source code.
I've tried searching extensively on solutions to this problem, which I was surprised to find very little about. How do WhatsApp and Slack secure connections to their database if they were also built with ElectronJS?
Any and all resources are greatly appreciated. I basically want to be able to connect to a production server SQL database in an ElectronJS app without leaving some security backdoor to anybody who cracks the ASAR file.
Thank you!!
For this scenario, I suggest you to use a RESTful web service architecture. Basically you need 3 component, RESTful web back end, client application(your electron) and the database service( see the following image ; source:phppot.com) .For this I suggest you to use nodeJS backend and create a webservice using expressJS . You can define Restful (GET, POST,UPDATE, DELETE) API for each services.
For ex: To get some data from your db, you can send a GET request to the following path <yourdomain>:<port>/api/v1/getyoursomthin using your electron app. Your express app process the request and get the relevant data from the data from the database (Tutorial). So your app can get the respond from the server and display to the user. I will add link to some tutorials. You can find and learn more by google :)
Web: Build a simple app using Node JS and MySQL.
Express.js Tutorial: Build RESTful APIs with Node and Express
( source:phppot.com)
So I am currently learning react and webpack so that I can implement it into my current site. I already have an established phpmyadmin database that pumps out information that I want to appear on my site but I cant figure out how to hide my username and password to the database when programming it. I am used to using php to interact with my database bus since react is purely javascript I am not sure what to do.
You need to have a server running that talks to your database and to your react app. It sounds like you might have this in the form of a PHP application. Your PHP application will need to expose data over HTTP endpoints that you can then fetch from inside of your React application.
This tutorial: https://www.techiediaries.com/php-react-rest-api-crud-tutorial/ would be a great place for you to get started.
I agree that you need to "have a server running that talks to your database and to your react app" as the accepted answer states. On the other hand this does not mean that you have to code it from scratch.
If you don't want to program PHP for the back-end, then you may as well configure software from the list of 'automatic APIs'. An automatic API is "software that turns your database into a REST/GraphQL API".
I'm the author of PHP-CRUD-API, which is an 'automatic API' and I think it suits your needs, but you may as well use any other software from the above list.
I want to build a website and app the will need to create, read, write, update and delete records in a mysql db. How can I have my React-Native app accomplish this? The db is server-side as in I can't use async or local storage on the app.
You will have to use fetch on your servers API to make CRUD requests.
This may require some re-writing or adding to the backend, such that some of it takes data and returns data, as opposed to returning something the browser can render.
I would highly recommend this tutorial series, granted it goes over building an API specifically for the app and doesn't discuss web stuff.
https://www.youtube.com/playlist?list=PLzQWIQOqeUSNX_ZDqt9L3TMSwFa9GbIwp
I am newbie with CAS Server, I found it is a single sign on server between different application in terms of technology like php, .net & java. I explore it but even though there are some questions yet not clear. Before ask my doubt, I tell what am I trying to achieve?
I am using a gwt based application, Now for some of the features, development is in a php technology. It should get some session data from existing java application. another approach to customize CAS like integrate a web service layer for authorization, instead of using its existing like query to db.
The doubts are:
1) Can I share a session data between Java & php application using CAS?
2) is there any security issue while passing a data using CAS server?
Thanks in Advance.
Sharing session data accross application can be addressed by mechanisms not linked to CAS. Though, when authentication occurs in CAS server, user data are retrieved from various data sources and these user data can be pushed to client CAS applications through SAML validation and the appropriate configuration.
I am developing an education app for Kids.
The application is going to contain pictures, stories and video as well.
Including all above contents in the app will surely bloat it and hence i would like store all data on a server that will be accessed by my app.
I haven't used any remote databases (like MySQL or Oracle) with any other iOS app. In fact i am a newbie in developing such kind of apps. Can any one point me to a sample
Connecting to a remote mysql is really not recommended.
The security here is critical.
You should create a webservice and my advice to you is to make sure that the access to the webservice is restricted
The webservice can be your own "protocol" or any other well known protocol like SOAP
By your own I mean, json, csv .... or whatever.
Edit 1
The technology of your webservice should be dependent on many things.
If the system is small, and the code needs to be update very often, I would suggest to do it with PHP and some small(!) MVC framework like CI.
But if its a large system with needs of ACL (access control list) I will probably choose java with spring...
I suggest that : Do not connect to / use database directly from user application. It may causes serious security problems and your app should have native SQL drivers to connect db.
So, create a web service that receive queries from the application and response in XML, JSON or some other strings that easy to parse. This will be much easier than embed native APIs into your apps.