0

I am learning NodeJS by building a JWT server. Basically I want to authorize users against credentials in a PostgreSQL database. I am considering node-postgres, passport, pg to connect with PostgreSQL but I have not found anyway to store my connection values encrypted. Ideally I would store them in a properties file so I can change them per environment.

Most examples I see do something like:

var pg = require('pg');
var conString = "postgres://YourUserName:YourPassword@localhost:5432/YourDatabase";

Can someone help show me how to encrypt and use my credentials so I don't have to hard code the plain values in my source?

Improve this question
1
  • Appreciate this is an old answer; mostly writing this for posterity. Putting credentials in source code like this is usually a bad idea, often a very bad one. Pulling them in from the deployment environment gives you more granular access control and operational flexibility. Commented May 16, 2017 at 13:45

2 Answers 2

Reset to default
2

There seem to exist npm packages for this already. See https://www.npmjs.com/package/secure-conf. Seems to fulfill your needs.

Please note, that you should also secure your Connection to the DB using SSL. See SSL for PostgreSQL connection nodejs for a Solution.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you for the quick and awesome answer - will start on that now!
0

This should help.

if you use sequelize to connect postgres

const sequelize = new Sequelize("DB", usrname, password, { host: "/var/run/postgresql", dialect: "postgres", });

NB: get the host string from your pgsl db might be different //

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.