Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@tsmx/secure-config
Advanced tools
@tsmx/secure-config - npm Package Compare versions
Comparing version 1.2.0 to 1.2.1
| { | ||
| "name": "@tsmx/secure-config", | ||
| "version": "1.2.0", | ||
| "version": "1.2.1", | ||
| "description": "Secure multi-environment JSON configurations with encrypted secrets.", | ||
@@ -5,0 +5,0 @@ "main": "secure-config.js", |
@@ -13,14 +13,15 @@ # [**@tsmx/secure-config**](https://github.com/tsmx/secure-config) | ||
| 1. Encrypt sensitive data in your JSON configuration file. For more details please see [generating encrypted values](#generating-encrypted-entries) and [naming conventions](#naming-conventions). | ||
| 1. Encrypt sensitive data in your JSON configuration file. Most easy way to do this is using the [secure-config-tool](https://www.npmjs.com/package/@tsmx/secure-config-tool). | ||
| For more details please see [generating encrypted values](#generating-encrypted-entries) and [naming conventions](#naming-conventions). | ||
| ```json | ||
| { | ||
| "database": { | ||
| "host": "127.0.0.1", | ||
| "user": "ENCRYPTED|50ceed2f97223100fbdf842ecbd4541f|df9ed9002bfc956eb14b1d2f8d960a11", | ||
| "pass": "ENCRYPTED|8fbf6ded36bcb15bd4734b3dc78f2890|7463b2ea8ed2c8d71272ac2e41761a35" | ||
| } | ||
| "database": { | ||
| "host": "127.0.0.1", | ||
| "user": "ENCRYPTED|50ceed2f97223100fbdf842ecbd4541f|df9ed9002bfc956eb14b1d2f8d960a11", | ||
| "pass": "ENCRYPTED|8fbf6ded36bcb15bd4734b3dc78f2890|7463b2ea8ed2c8d71272ac2e41761a35" | ||
| } | ||
| } | ||
| ``` | ||
| 3. Use your configuration in the code. | ||
| 2. Use your configuration in the code. | ||
| ```js | ||
@@ -30,8 +31,13 @@ const conf = require('@tsmx/secure-config'); | ||
| function MyFunc() { | ||
| let dbHost = conf.database.host; // = '127.0.0.1' | ||
| let dbUser = conf.database.user; // = 'MySecretDbUser' | ||
| let dbPass = conf.database.pass; // = 'MySecretDbPass' | ||
| //... | ||
| let dbHost = conf.database.host; // = '127.0.0.1' | ||
| let dbUser = conf.database.user; // = 'MySecretDbUser' | ||
| let dbPass = conf.database.pass; // = 'MySecretDbPass' | ||
| //... | ||
| } | ||
| ``` | ||
| 3. Run your app. See below for different [options on how to pass the key](#injecting-the-decryption-key). | ||
| ```bash | ||
| $ export CONFIG_ENCRYPTION_KEY=... | ||
| $ node app.js | ||
| ``` | ||
@@ -42,2 +48,27 @@ A fully working [example project](https://github.com/tsmx/secure-config-test) is also available on GitHub. | ||
| ## Naming conventions | ||
| You can have multiple configuration files for different environments or stages. They are distinguished by the environment variable `NODE_ENV`. The basic configuration file name is `config.json` if this variable is not present. If it is present, a configuration file with the name `config-[NODE_ENV].json` | ||
| is used. An exception will be thrown if no configuration file is found. | ||
| All configuration files must be located in a `conf/` directory of the current running app, meaning a direct subdirectory of the current working directory (`CWD/conf/`). | ||
| ### Example structure | ||
| Stage | Value of NODE_ENV | Filename | ||
| ------|-------------------|--------- | ||
| Development | not set | conf/config.json | ||
| Production | `production` | conf/config-production.json | ||
| Test | `test` | conf/config-test.json | ||
| ``` | ||
| path-to-your-app/ | ||
| ├── conf/ | ||
| │ ├── config.json | ||
| │ ├── config-production.json | ||
| │ └── config-test.json | ||
| ├── app.js | ||
| └── package.json | ||
| ``` | ||
| ## Injecting the decryption key | ||
@@ -103,8 +134,8 @@ | ||
| function encrypt(value) { | ||
| let iv = crypto.randomBytes(16); | ||
| let key = Buffer.from('YOUR_KEY_HERE'); | ||
| let cipher = crypto.createCipheriv(algorithm, key, iv); | ||
| let encrypted = cipher.update(value); | ||
| encrypted = Buffer.concat([encrypted, cipher.final()]); | ||
| return 'ENCRYPTED|' + iv.toString('hex') + '|' + encrypted.toString('hex'); | ||
| let iv = crypto.randomBytes(16); | ||
| let key = Buffer.from('YOUR_KEY_HERE'); | ||
| let cipher = crypto.createCipheriv(algorithm, key, iv); | ||
| let encrypted = cipher.update(value); | ||
| encrypted = Buffer.concat([encrypted, cipher.final()]); | ||
| return 'ENCRYPTED|' + iv.toString('hex') + '|' + encrypted.toString('hex'); | ||
| } | ||
@@ -123,31 +154,2 @@ ``` | ||
| ## Naming conventions | ||
| You can have multiple configuration files for different environments or stages. They are distinguished by the environment variable `NODE_ENV`. The basic configuration file name is `config.json` if this variable is not present. If it is present, a configuration file with the name `config-[NODE_ENV].json` | ||
| is used. An exception will be thrown if no configuration file is found. | ||
| All configuration files must be located in a `conf/` directory of the current running app, meaning a direct subdirectory of the current working directory (`CWD/conf/`). | ||
| ### Example structure | ||
| - Development stage | ||
| - `NODE_ENV`: not set | ||
| - Configuration file: `conf/config.json` | ||
| - Prodcution stage | ||
| - `NODE_ENV`: `production` | ||
| - Configuration file: `conf/config-production.json` | ||
| - Test stage, e.g. for Jest | ||
| - `NODE_ENV`: `test` | ||
| - Configuration file: `conf/config-test.json` | ||
| ``` | ||
| path-to-your-app/ | ||
| ├── conf/ | ||
| │ ├── config.json | ||
| │ ├── config-production.json | ||
| │ └── config-test.json | ||
| ├── app.js | ||
| └── package.json | ||
| ``` | ||
| ## Test | ||
@@ -154,0 +156,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.13%
16069
- Number of lines in readme file
- increased by1.31%
155
No dependency changes