堆栈内存溢出
  简体   繁体   English

我应该在哪里存储我的Node.js应用程序的密钥?

[英]Where should I store my secret keys for my Node.js app?

 原文  2017-01-15 07:54:45       node.js/ amazon-web-services/ amazon-s3/ amazon-dynamodb/ elastic-beanstalk

问题描述

I am really struggling as to how I should hide my keys. 我真的很挣扎如何隐藏我的钥匙。

The two keys I need to hide are secrets.crypto and secrets.jwt... I plan on hosting my application on AWS using Elastic Beanstalk. 我需要隐藏的两个密钥是secrets.crypto和secrets.jwt ...我计划使用Elastic Beanstalk在AWS上托管我的应用程序。

Also I am not sure where I would put my keys for access to things like my Dynamodb and my S3 bucket. 此外,我不知道我会把钥匙放在哪里,以便访问像我的Dynamodb和我的S3桶这样的东西。 

exports.generateToken = (type, user) => {
    if (!_.isString(type)) {
        return undefined;
     }

    try {

         //Turn the json object of the current user's id and the type of token into a string
         var stringData = JSON.stringify({
             _id: user._id,
             type: type
         });

        //Take the json string and encrypt it with a secret then turn it back into a string
        var encryptedData = cryptojs.AES.encrypt(stringData, secrets.crypto).toString();

        //Take the encryptedData and turn it into a token with a secret
        var token = jwt.sign({
            token: encryptedData
        }, secrets.jwt);

        return token;
    } catch(e) {
        return undefined;
    }
};

2 个解决方案

解决方案1
 6 已采纳  2017-01-15 16:50:19

In Elastic Beanstalk I believe the preferred way to store keys like this is via environment variables. 在Elastic Beanstalk中,我认为存储这样的密钥的首选方法是通过环境变量。 You can use the command eb setenv key=value to set an environment variable. 您可以使用命令eb setenv key=value来设置环境变量。 More information about this here . 关于这方面更多的信息在这里

For accessing the AWS API, which you mention in regards to accessing DynamoDB and S3, you would not use keys at all. 要访问您在访问DynamoDB和S3时提到的AWS API,您根本不会使用密钥。 For this you would assign an IAM instance profile to the EC2 servers created by Elastic Beanstalk. 为此,您可以将IAM实例配置文件分配给Elastic Beanstalk创建的EC2服务器。 This is documented here . 在此处记录

解决方案2
 -2  2017-01-15 10:03:54

Create a configuration file for all the envoirments like development, production and add all the secret keys init and use anywhere you want. 为开发,生产等所有产品创建配置文件,并添加所有密钥init并在任何地方使用。 

config.json file
{
"development": {
    "Secret1": "Your Secret Here",
    "Secret2": "Your Secret Here",
    "db":{
      //development database settings here
     }
 },
   "production": {
    "Secret1": "Your Secret Here",
    "Secret2": "Your Secret Here",
    "db":{
      //development database settings here
     }
   }
}

var config = require('./config.json');
config.Secret1;

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 我应该在 node.js 中包含我的模块并表达? - Where should i include my modules in node.js and express? 我应该在Node.js(Express)应用程序中将MySQL客户端定义在哪里? - Where should I define my MySQL client in a Node.js (Express) app? 我应该将我的 API 密钥引用和 env 文件放在 Node.js 应用程序中的什么位置? - Where should I put my API key references and env files in a Node.js app? 我应该将当前用户存储在node.js中的哪个位置? - Where should i store current user in node.js? 弹性 beanstalk t2 服务器在哪里存储我的 node.js 应用程序文件? - Where does elastic beanstalk t2 server store my node.js app files? 我应该在哪里存储与Elastic Beanstalk一起部署的NodeJS应用程序的API密钥? - Where should I store API keys for my NodeJS app deployed with Elastic Beanstalk? 我应该把我的Node.js web项目文件夹放在Ubuntu 14中? - Where should I put my Node.js web project folder in Ubuntu 14? 我应该将密钥和证书存储在https服务器(Node.js)的哪里 - Where am I supposed to store my key and cert for an https server (Node.js) Firebase在我的node.js应用中无法正常运行 - Firebase not behaving as it should in my node.js app 在我的node.js应用程序中添加socket.io的位置 - where to add socket.io in my node.js app
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM