# Building JavaScript Application - Part 2

# HexaEight Session Capabilities

1. Encrypt/Decrypt
2. Protect/Decipher
3. HTTP Client (Axios Instance)

Let's extend the previous authentication example to incorporate HexaEight Sessions' additional capabilities.

# Encrypt/Decrypt

To encrypt information to any destination, we first need to determine whether the destination is a user or a machine. If the destination is a user, we need the destination's email address; if the destination is a machine, we need a fully qualified Domain Resource Name or a Generic Resource Name. Once we have this information, it's trivial to encrypt information to the destination using HexaEight Sessions.

Assume we want to encrypt information to the destination [email protected]. We can use the HexaEight Session instance to encrypt information for that destination as shown below:

session.EncryptTextMessage(recipient,message);

If the message encryption is successful, we should get an encrypted response. This message can be sent to the destination user or resource using any protocol. Note that it is NOT necessary for the destination to be registered on the HexaEight Platform for the encryption to work.

session.EncryptTextMessage("[email protected]","Hello Support Team, How are you doing Today");

If the encryption is successful, you can see the encrypted message as shown below:

F6AVCa56fpZak/yXWEdGShReyFqwaks/+DFeinwNCjyYFJ8TeSpFniwyU2lEd3MU1X7ADxkZtz1RDoBtCbLsUSWoF5YvJOsQNgJEPXxET4dxCj5rSgtWf35oUwGBPQxWDxhVOu2YckHyeb+BhH7qQAY943HSKo18eHfUjOXUeIsnqDN6G45EkosWhWiqCJMEYAkFE2p2GgbWflySm0OHd8BeWHhkOQIQDWT+Ohch5xyUZ7Rt7l2kTrQtdh+Aq7qaJ6iKndAcJgtjFPybfph0Im8O10iTmyEgAUrbamRgwASelPlhtDuhG7d5hRrgNUxgRgRHA2hgMWAGkSueYQtf7yaokC+Mad6M6kInJbViDBJidB89uGz+fUBaEDt4RtwJ8peqE+CY7itCM40/UBagC5I5WjvsSMOL6IosVU6nwSYmqA==|

Note: Encrypting the same information again yields a different encrypted output.

To decrypt information, use the DecryptTextMessage function as shown below. It is not necessary to pass any additional information for decryption.

session.DecryptTextMessage(encryptedmessage);

To test the encrypt/decrypt feature, you can open two sessions of the HexaEight Session Demo in separate tabs, log in using different email addresses, and try out the encrypt and decrypt message feature.

When a message is decrypted, the decrypted message will look like the one below:

{"REQUEST":"DATAMESSAGE","SENDER":"[email protected]","RECEIVER":"[email protected]","STIME":"1681599261","RTIME":"1681599285","BODY":"DEFAULT!6936D8CB97E03B8C288A231BAF26CB9F8E8ED127B1652CEC9E9620FE3D97CD108BDCBBDB7F5B7F6E51A40703E9AB9E6A0171A7A74FE89BC1C82D0E5DA0A0A141 [rcSh8YYtRF0Th3O552t5rEv5zysDVnSsAmO9Tz0VeuBMe2jfxASuGV2LPLH0UWJsx04vctHrxMcJFeCxRPRwUufHKfdNiVkv0r2DeNzWjrRD3LZGJOT6CoYWgEeTiMfT] :Hello Admin, How are you?"}

There is a lot of information available here, so let's break it down:

    {

    "REQUEST":"DATAMESSAGE",
    "SENDER":"[email protected]",
    "RECEIVER":"[email protected]",
    "STIME":"1681599261",
    "RTIME":"1681599285",
    "BODY":"DEFAULT!6936D8CB97E03B8C288A231BAF26CB9F8E8ED127B1652CEC9E9620FE3D97CD108BDCBBDB7F5B7F6E51A40703E9AB9E6A0171A7A74FE89BC1C82D0E5DA0A0A141 [rcSh8YYtRF0Th3O552t5rEv5zysDVnSsAmO9Tz0VeuBMe2jfxASuGV2LPLH0UWJsx04vctHrxMcJFeCxRPRwUufHKfdNiVkv0r2DeNzWjrRD3LZGJOT6CoYWgEeTiMfT] :Hello Admin, How are you?"

    }

While the first three fields are self-explanatory, STIME is the time when the message was encrypted at the source and RTIME is the time when the message was decrypted at the destination.

The BODY field carries several pieces of information, so let's split it up for a better explanation.

  1. DEFAULT refers to the SCOPE/ROLE that the user is currently logged in with.
  2. The text following the ! is the CLIENTAPPLICATION HASH, which is nothing but the hash of "hexaeight.github.io". This tells us that the user used the Demo Application to send the message.
  3. The subsequent text in square brackets is the PKCE code verifier, which can be used as a double verification of the sender's identity.
  4. The final text is the decrypted text.
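The breakdown above can be turned into a check on the receiving side. The following is an added example, not HexaEight's own code: `parseDecryptedMessage`, its options (`expectedReceiver`, `allowedAppHashes`, `maxTransitSeconds`) and the sample values are assumptions made for illustration, and the field layout is taken only from the decrypted message shown on this page.

```javascript
// Added example: layout taken from the breakdown above; names and sample values are constructed.
const BODY_RE = /^([^!\s]+)!([0-9A-Fa-f]+) \[([^\]]+)\] :([\s\S]*)$/;

function parseDecryptedMessage(json, opts = {}) {
  const { expectedReceiver, allowedAppHashes = [], maxTransitSeconds = 300 } = opts;
  const msg = JSON.parse(json); // throws on malformed JSON
  for (const key of ["REQUEST", "SENDER", "RECEIVER", "STIME", "RTIME", "BODY"]) {
    if (typeof msg[key] !== "string") throw new Error(`missing field ${key}`);
  }
  const m = BODY_RE.exec(msg.BODY);
  if (!m) throw new Error("BODY does not match SCOPE!HASH [VERIFIER] :TEXT");
  const [, scope, appHash, codeVerifier, text] = m;
  if (!/^\d+$/.test(msg.STIME) || !/^\d+$/.test(msg.RTIME)) throw new Error("bad timestamp");
  const transitSeconds = Number(msg.RTIME) - Number(msg.STIME);

  // Policy checks (assumed, caller-defined): collect every problem instead of stopping at the first.
  const problems = [];
  if (expectedReceiver && msg.RECEIVER.toLowerCase() !== expectedReceiver.toLowerCase())
    problems.push("receiver mismatch");
  if (allowedAppHashes.length && !allowedAppHashes.includes(appHash.toUpperCase()))
    problems.push("unknown client application hash");
  if (transitSeconds < 0) problems.push("RTIME earlier than STIME");
  else if (transitSeconds > maxTransitSeconds) problems.push("message older than allowed");

  return { sender: msg.SENDER, receiver: msg.RECEIVER, scope, appHash,
           codeVerifier, text, transitSeconds, problems };
}

// Constructed sample in the same shape as the decrypted message above (not real HexaEight output).
const SAMPLE = JSON.stringify({
  REQUEST: "DATAMESSAGE",
  SENDER: "alice@example.com",
  RECEIVER: "bob@example.com",
  STIME: "1681599261",
  RTIME: "1681599285",
  BODY: "DEFAULT!0A1B2C3D4E5F [constructedVerifier123] :Hello Admin, How are you?",
});

console.log(parseDecryptedMessage(SAMPLE, {
  expectedReceiver: "bob@example.com",
  allowedAppHashes: ["0A1B2C3D4E5F"], // constructed; use the hash of your own client application
}));
```

An empty `problems` array means the envelope passed every check the caller configured; the page does not name the hash algorithm, so the allowlist holds hash values observed from known client applications.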

# Protect/Decipher - Saving Data to Local/Session Storage

Storing data in the browser's storage is not considered safe; however, HexaEight Sessions provides a simple way to store data locally by using the "Protect Message" feature of the HexaEight Session API. This allows us to store information in the browser's local storage and retrieve it later using the "Decipher Message" function to unprotect the data.

The function below protects the message, which can then be saved in local/session storage:

session.ProtectMessage("Protect this secret message 1000");

To unprotect the message:

session.DecipherMessage("");

Protecting and deciphering messages can be very useful when you want to retrieve the user data for an app and store it locally in a protected state, thus avoiding the round trip to fetch older data from the server every time the user logs into a session. Instead, only the latest data needs to be fetched from the server on subsequent session logins.

Note: The user needs to use the same Generic Resource Identity Token for the data to be accessible in subsequent sessions.

You can use https://hexaeight.github.io/hexaeight-session-demo/ to test the Encryption/Decryption as well as the Protection/Deciphering APIs provided by HexaEight Sessions.