安全地存储密码的nodemailer [英] Storing password securely nodemailer

问题描述

我有一个使用 nodemailer 发送邮件的应用.

I have an app that sends mail using nodemailer.

transporter = nodemailer.createTransport({
  service: 'Gmail',
  auth: {
    user: "email",
    pass: "what here?"
  }
});

我只是想让应用保持开源状态(只是不想让纯文本密码基本上存在于任何地方).

I want to keep the app open source, just for the heck of it (along with not wanting a plain text password to exist basically anywhere).

我知道nodemailler-direct，但是这里有更好的选择吗?我还考虑过提示服务器控制台输入密码，但这也很麻烦.

I know of nodemailler-direct, but is there a better option here? I also thought about prompting the server console for password, but that's clunky as well.

是否有正确"或标准的方式来做这种事情?

Is there a "correct" or standard way to do such a thing?

推荐答案

使用环境变量:

transporter = nodemailer.createTransport({
  service: process.env.NODEMAILER_SERVICE,
  auth: {
    user: process.env.NODEMAILER_USER,
    pass: process.env.NODEMAILER_PASS
  }
});

您可以在服务器上设置这些变量，应用程序将对其进行提取.例如:

You can set these variables on the server and the application will pick them up. For example:

NODEMAILER_SERVICE="Gmail"

这篇关于安全地存储密码的nodemailer的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！