As I started to design my databases it occurred to me that I would need a safe way to store my credentials. A far too common mistake is to make credentials plaintext in source code and then store those credentials in a publicly accessible Github repository or file. Thankfully, people more educated than me have already figured out a solution for this problem in Node JS, which is a lightweight package called DotEnv.
So the name behind DotEnv likely comes from how Operating Systems determine if a file should be hidden. On Linux for example, when you run ls -a you will see filenames that start with a period. Those files are meant to be hidden from normal users because they are very important. Based on what little reading I’ve done so far DotEnv should let you store your database credentials in a hidden file, and reference that hidden file in a safe way. Servers and Operating Systems allow you to set user and group permissions that can restrict who can access what information and how they can access that information.
I honestly recommend using solutions like this instead of trying to create your own solution whenever possible. There is a lot you can learn from failure, but if you’re not careful you can find yourself chasing your tail too. In this case that would mean giving a hacker easy access to a database without necessarily realizing the problem. Like anything worthwhile in life programming is hard enough without making it harder on yourself.
If you make a purchase at Amazon using the link below I may receive a commission.
Tech Best Sellers at Amazon