NodeJS-如何安全地存储数据库的IP，用户名和密码? [英] NodeJS - how to securely store ip, username and password of a database?

问题描述

我有一个NODEJS代码可以连接到MySql数据库:

I have a NODEJS code to connect to MySql database:

var mysql = require('mysql')
var express = require('express')
var app = express()

var connection = mysql.createPool({
    connectionLimit: 50,
    host     : 'ip',
    user     : 'username',
    password : 'pass',
    database : 'mydb'
});


app.get('/', function(req, resp) {
    connection.getConnection(function(error, tempCont) {
        if(!!error) {
            tempCont.release();
            console.log('Error');
        } else {
            console.log('Connected!');

            tempCont.query("select * from table", function(error, rows, fields) {
                tempCont.release();
                if(!!error) {
                    console.log('Error in the query');
                } else {
                    resp.json(rows);
                }
            });
        }
    })
})

console.log("listening requests...")
app.listen(1337);

如何保护用于连接数据库的IP，用户名和密码，以便在代码或配置文件中不可见?

How do I secure a ip, username and password used for connecting to a database so that is not visible in the code or configuration file?

推荐答案

通过以下方式安装环境模块: npm install --save dotenv

Install env module by : npm install --save dotenv

在根文件夹中创建.env文件并写下代码

Create .env file at root folder and write down the code

DB_CONLIMIT=50
DB_HOST=ip
DB_USER=username
DB_PASSWORD=pass
DB_DATABASE=mydb

在您的js文件中

var mysql = require('mysql');
var express = require('express');
var app = express();
const dotenv = require('dotenv').config();

var connection = mysql.createPool({

     connectionLimit : process.env.DB_CONLIMIT,
     host            : process.env.DB_HOST,
     user            : process.env.DB_USER ,
     password        : process.env.DB_PASSWORD ,
     database        : process.env.DB_DATABASE 
});

这篇关于NodeJS-如何安全地存储数据库的IP，用户名和密码?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！