Securing Data in Electron Apps, Part 2

Generating a Desktop Encrypt-and-Sync Widget

Photo by Kevin Ku on Unsplash

In Part 1 of my “Securing Data in Electron Apps” series, I created a small desktop app to locally encrypt files and add access controls with the Virtru SDK and a simple UI. In Part 2, my project will be largely “UI-less” and instead result in an application that runs in the background to automatically encrypt and sync files to a folder in Google Drive.

It’s worth noting that an open-source, Electron-based Drive sync tool already exists in the form of ODrive. I considered just trying to add the Virtru SDK to ODrive, but decided instead to see if I could build something from scratch. The completed project is on GitHub, but you can follow along with how I built it below. Let’s begin!

Prerequisites

• Electron
• Virtru SDK
• Chokidar
• Google Drive API

Let’s Reuse Some Code…

Though we’re changing way we interact with this app, there’s a lot of code we can steal from Part 1. We’ll still want our settings page, but since this is a windowless, background app, we’ll put it in a menu in the tray instead.

Creating an Electron window object that will display underneath our app’s icon in the tray.

We’ll also want to keep the code that stores user settings for the application; this won’t change at all from Part 1.

Finally, we’ll keep our Virtru encryption function. Though we’re selecting the source file(s) differently, the encryption operation always behaves the same.

… Then Add Some New Code

There are two pieces of new functionality we need to add:

• Watch a source folder for changes (new files, removed files, etc), and
• Encrypt new files, then upload to Google Drive.

Luckily, we can leverage existing solutions for both of these.

To watch the folder, we can use Chokidar. Chokidar creates a “watcher” on the source folder and will “fire” upon certain events such as the addition or deletion of a file.

Creating a watcher with Chokidar.

Once Chokidar is triggered by the addition of a new file, we can then leverage some code from my previous Drive Upload project to both perform the encryption and upload to Drive. Along with that code we need to integrate the Google authentication piece included in the Drive Node.js Quickstart.

With those two new functions in place, we simply call the encrypt and upload functions from the watcher when a new file is added.

The watcher calls the upload function, which calls the encrypt function prior to uploading any data.

And that’s it! We now have a functioning app to encrypt and sync local folder content to Google Drive. Any files added to my source folder are automatically encrypted and uploaded.

Conclusion & Next Steps

If you’ve used a file sync tool like this before, you’ll know this project is far from complete. To make this a fully functioning solution, I’ll need to add a few more features:

• Handle additional actions such as file deletions or duplications.
• Pull down changes that are made in Drive, such as the addition of a new file by a collaborator.
• Automatically assign Virtru permissions to those who have permissions on the destination Drive folder.

It may also be useful to merge this project with the app from Part 1, giving users multiple ways to encrypt their data. Let me know in the comments if you have any additional ideas to build this app out!