What’s this

  • First of all, the BEST post encryption plugin in the universe for hexo.(But what about the other plugins?)
  • It is for those who write a post, but don’t want everyone to read it. Thus, password is required in certain pages to access these encrypted posts.
  • Encryption is simple on wordpress, emlog or other blog systems, except hexo. :(
  • So it’s “hexo-blog-encrypt”‘s time.

Features

  • Once you enter the correct password, you can get the access to encrypted posts, and the password is remembered locally. Press the button again, and the stored password will be erased. If there’re scripts in the post, they will be executed once the post is decrypted.
  • Support preset tag-specified password.
  • All functions are provided by the native APIs. We use Crypto in Node.js, and use Web Crypto API in Browsers.
  • PBKDF2, SHA256 is used to derive keys, We use AES256-CBC to encrypt and decrypt data, we also use HMAC to verify message authentication codes to make sure the posts are decrypted well and not modified.
  • Promise is widely used to make sure our main procedures are asynchronous, so that there is little chance for the process to be blocked, and the experience will be more fluent.
  • Template theme supported, you can use [default, blink, flip, shrink, surge, up, wave, xray] to set up your template theme, and CHECK ONLINE.
  • Outdated browsers may not work well. In such case, please upgrade your browser.

Online demo

Install

  • npm install --save hexo-blog-encrypt
  • or yarn add hexo-blog-encrypt (require Yarn)

Quick start

  • Add the “password” value to your post’s front matter like:
1
2
3
4
5
---
title: Hello World
date: 2016-03-30 21:18:02
password: hello
---
  • Then use hexo clean && hexo g && hexo s to see your encrypted post locally.

Password Priority

post’s front matter > encrypt tags

Advanced settings

in post’s front matter

1
2
3
4
5
6
7
8
9
10
11
---
title: Hello World
tags:
- encryptAsDiary
date: 2016-03-30 21:12:21
password: mikemessi
abstract: Here's something encrypted, password is required to continue reading.
message: Hey, password is required here.
wrong_pass_message: Oh, this is an invalid password. Check and try again, please.
wrong_hash_message: Oh, these decrypted content cannot be verified, but you can still have a look.
---

In _config.yml

Example

1
2
3
4
5
6
7
8
9
# Security
encrypt: # hexo-blog-encrypt
  abstract: Here's something encrypted, password is required to continue reading.
  message: Hey, password is required here.
  tags:
  - {name: encryptAsDiary, password: passwordA}
  - {name: encryptAsTips, password: passwordB}
  wrong_pass_message: Oh, this is an invalid password. Check and try again, please.
  wrong_hash_message: Oh, these decrypted content cannot be verified, but you can still have a look.

To disable tag encryption

Just set the password property in front matter to "".

Example:

1
2
3
4
5
6
7
8
9
---
title: Callback Test
date: 2019-12-21 11:54:07
tags:
    - A Tag should be encrypted
password: ""
---

Use a "" to disable tag encryption.

Config priority

post’s front matter > _config.yml (in the root directory) > default

来自:开源项目GitHub - D0n9X1n/hexo-blog-encrypt: Yet, just another hexo plugin for security.