stackoom
  简体   繁体   中英

Node.js knex - Securing the password used for logging into database

 原文  2017-01-12 05:13:47       javascript/ node.js/ password-protection/ knex.js

Question

I have the following code in a file called knexfile.js 

module.exports = {
    development: {
        client: 'mysql',
        connection: {
            database: 'myDatabase',
            timezone: 'Z',
            user: 'root',
            password: 'myPassword',
            host: '127.0.0.1'
        },
        pool: {
            min: 2,
            max: 10
        },
        migrations: {
            tableName: 'myMigrationTable'
        }
    }
};

myPassword from the code above is in plaintext. On my production server, I definitely don't want my password in plaintext in my code that my application uses to authenticate with my database. I also wouldn't want it laying around in a file in plaintext on my server.

Is there a way in knex or node to easily handle securely logging into my database? Should I just simply encrypt my password, leave it in a file on my server, and decrypt it using my webapp when it's going to log in?

1 answers

solution1
 2 ACCPTED  2017-01-12 07:20:00

Best practice would be using environment variable. 

knex = require('knex')({
    client: 'mysql',
    connection: process.env.DATABASE_URL
})

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Securing Node.JS APIs Nested array with knex and node.js Securing a specific route node.js Disable logging in Node.JS Logging properties of Node.js Synchronous logging with Node.js Node.JS File Logging Removing Migrations With Knex.js In My Node.js Application Node.js Knex SQL insert is too slow How to get an array into SQlite3 with Express + Knex + Node.js?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM