From 08b1edc354788b3333ec422dd18348fe102f6d42 Mon Sep 17 00:00:00 2001 From: "Torsten Schulz (local)" Date: Sat, 14 Feb 2026 01:37:42 +0100 Subject: [PATCH] =?UTF-8?q?F=C3=BCge=20Skript=20zum=20Re-Encryptieren=20vo?= =?UTF-8?q?n=20Klartext-Mitgliedsantr=C3=A4gen=20hinzu;=20implementiere=20?= =?UTF-8?q?Backup-Funktion=20und=20Fehlerbehandlung?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- package-lock.json | 12 ++--- scripts/re-encrypt-membership-applications.js | 54 +++++++++++++++++++ 2 files changed, 60 insertions(+), 6 deletions(-) create mode 100644 scripts/re-encrypt-membership-applications.js diff --git a/package-lock.json b/package-lock.json index 4c0827d..f0780b7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9581,9 +9581,9 @@ } }, "node_modules/nanotar": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/nanotar/-/nanotar-0.2.0.tgz", - "integrity": "sha512-9ca1h0Xjvo9bEkE4UOxgAzLV0jHKe6LMaxo37ND2DAhhAtd0j8pR1Wxz+/goMrZO8AEZTWCmyaOsFI/W5AdpCQ==", + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/nanotar/-/nanotar-0.2.1.tgz", + "integrity": "sha512-MUrzzDUcIOPbv7ubhDV/L4CIfVTATd9XhDE2ixFeCrM5yp9AlzUpn91JrnN0HD6hksdxvz9IW9aKANz0Bta0GA==", "license": "MIT" }, "node_modules/natural-compare": { @@ -11377,9 +11377,9 @@ } }, "node_modules/qs": { - "version": "6.14.1", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz", - "integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==", + "version": "6.14.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz", + "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==", "dev": true, "license": "BSD-3-Clause", "dependencies": { diff --git a/scripts/re-encrypt-membership-applications.js b/scripts/re-encrypt-membership-applications.js new file mode 100644 index 0000000..af68565 --- /dev/null +++ b/scripts/re-encrypt-membership-applications.js @@ -0,0 +1,54 @@ +// Re-Encrypt Klartext-Mitgliedsanträge mit aktuellem ENCRYPTION_KEY +// Backup wird als .bak angelegt +import fs from 'fs/promises' +import path from 'path' +import { encryptObject } from '../server/utils/encryption.js' + +const DIR = path.join(process.cwd(), 'server/data/membership-applications') +const KEY = process.env.ENCRYPTION_KEY + +if (!KEY) { + console.error('ENCRYPTION_KEY fehlt! Bitte als Environment-Variable setzen.') + process.exit(1) +} + +async function reencryptFile(file) { + const filePath = path.join(DIR, file) + try { + const content = await fs.readFile(filePath, 'utf8') + // Prüfe, ob bereits verschlüsselt (v2: Prefix) + if (content.startsWith('v2:')) { + console.log('Überspringe (bereits verschlüsselt):', file) + return false + } + // Prüfe, ob Klartext-JSON + if (!content.trim().startsWith('{')) { + console.warn('Überspringe (kein Klartext-JSON):', file) + return false + } + // Backup anlegen + await fs.copyFile(filePath, filePath + '.bak') + // Verschlüsseln + const obj = JSON.parse(content) + const encrypted = encryptObject(obj, KEY) + await fs.writeFile(filePath, encrypted, 'utf8') + console.log('Re-Encrypted:', file) + return true + } catch (e) { + console.error('Fehler bei', file, ':', e.message) + return false + } +} + +async function main() { + const files = await fs.readdir(DIR) + let changed = 0 + for (const file of files) { + if (!file.endsWith('.json')) continue + const ok = await reencryptFile(file) + if (ok) changed++ + } + console.log('Fertig. Re-encrypted:', changed, 'Dateien.') +} + +main()