How do I separate an OAuth token from my main js file? - javascript

I am making a twitch chat bot using the tmi.js module. It dawned upon me that having the OAuth token within the main js file may not be the most secure practice. How do I separate the token from the main file and include the token to my main app?
let opts = {
identity: {
username: <BOT USERNAME>,
password: 'oauth:' + <OAUTH TOKEN>},
channels: [
<CHANNEL NAME>]
}

You can create .env file and add it to .gitignore file.
in the .env file insert your variable like that:
OAUTH_TOKEN=yourToken
In the opts object you can call the token like that:
process.env.OAUTH_TOKEN

Related

API Keys with dotenv made me net::ERR_CONNECTION_REFUSED

Im trying so hard to run this "job project" from Github, so i put my API keys on .env created file locate on root of api directory
APP_ID=00000000
API_KEY=000000000000000000000000
...and put this code on my config.js :
require('dotenv').config({ path: 'api/.env' })
module.exports = {
APP_ID: process.env.APP_ID,
API_KEY: process.env.API_KEY,
BASE_URL: 'https://api.adzuna.com/v1/api/jobs',
BASE_PARAMS: 'search/1?&results_per_page=20&content-
type=application/json',
};
But it looks like the request failing with this error net::ERR_CONNECTION_REFUSED:
I think, it dosent happens to take the api keys values, because accessKeyId is always empty
So, does there any other way to hide the api keys for it to work ?
Thanks

Config.get() Not Getting Configuration From File: "custom-environment-variables.json" Nodejs, JavaScript

I am learning how to configure my Node.js App environment. For this I am using config module.
Below is my index.js file:
`
const config=require('config');
const express=require('express');
const app=express();
app.use(express.json()); //BUILT-IN EXPRESS MIDDLEWARE-FUNCTION
//CONFIGURATION
console.log('Current Working Environment:',process.env.NODE_ENV);
console.log('Name is:', config.get('name'));
console.log('Server is:', config.get('mail.host'));
console.log('Password is:', config.get('mail.password'));
`
I set NODE_ENV to production by the power shell command: $env:NODE_ENV="production".
My production.json file inside the config folder is:
`{
"name":"My Productoin Environmet",
"mail":{
"host": "Prod-Environment"
}
}`
And custom-environment-variables.json file is:
`{
"mail":{
"passwrod":"app_password"
}
}`
I set app_password to 12345678 by the power shell command : $env:app_password="12345678"
config.get() is supposed to look at various sources to look for this configurations including, json files, configuration files and also environment variables. But whenever I run my app, I get the following error:
`throw new Error('Configuration property "' + property + '" is not defined'); Error: Configuration property "mail.password" is not defined`
If I remove the line : console.log('Password is:', config.get('mail.password')); everything goes well. Please, guide me what is the solution?
Firstly you have a lot of syntactical errors for example in
custom-environment-variables.json
{
"mail":{
"password":"app_password"
}
}
Now if u need to store the password of your mail server in the environment variables
On windows
$env:app_password=12345
On Linux and OSX:
export app_password=12345
how to run ?
app.js
const config = require("config");
console.log("Mail Password: " + config.get("mail.password"));
i had the same problem because i didn't define an environment variable for storing the password of the mail server. So, my suggestion will be define your environment variable for storing the password using the below command line (mac) and then your code should work.
export app_password=/* the password you want to set */
how to define an environment variable for storing the password of the mail server.
While defining environment variables in command_prompt don't put space on either side of '=' sign.....
eg:
set app_password = 123456 -----> is wrong way
set app_password=123456 -----> will work
The issue in 99% of cases is in the name of the file in the config folder, storing your custom variables
To add on: make sure your file has .json extension.

How to get pem file in js file

I am new to javascript. I am trying to implement OAuth 2.0 for Server to Server Applications for that i am using this library. So while i was doing this
googleAuth.authenticate(
{
email: 'my.gserviceaccount.com',
keyFile: fs.readFileSync("./accesstoken/key.pem"),
scopes: ['https://www.googleapis.com/auth/drive.readonly']
},
function (err, token) {
console.log(token);
console.log("err:"+err);
});
it gave me following exception
ENOENT: no such file or directory, open '-----BEGIN PRIVATE KEY-----asdasxxx---END PRIVATE KEY-----
my file pem.key file is in the same directory in which my js file is.
There is no need of fs.readFileSync
keyFile: fs.readFileSync("./accesstoken/key.pem"),
Just give simple path to file
keyFile: "./key.pem", // if file is in same folder
As given in Original Doc :
// the path to the PEM file to use for the cryptographic key (ignored if 'key' is also defined)
// the key will be used to sign the JWT and validated by Google OAuth
keyFile: 'path/to/key.pem',

Angular 5 externalize prod passwords

I have prod and dev environments. Prod env is using user credentials to log in (in the future there will be a technical user but for now we need to pass our credentials).
I want to be able to send the compiled file to my colleague but without my credentials. Instead of that I would like to have json file with credentials so each of us would have own file eg. in project root or on C:/.
Is there a simply way to externalize data like that? I want to only import the file instead of calling the http to fetch it.
export const environment = {
production: false,
url: '../assets/vdbs.json',
token: '',
};
I want the token to be placed in another file so I would end with
export const environment = {
production: false,
url: '../assets/vdbs.json',
};
and separate file eg.
token: sometoken,
anotherdata; somedata,
or
TOKEN = sometoken;
ANOTHER_DATA = somedata;

Sails.js -- Accessing local.js environment settings in controllers

In production I have AWS credentials stored as heroku config variables.
In development I want to include the config details in config/local.js, but how do I access the config details in a controller?
local.js contains:
module.exports = {
aws_key: "...", aws_secret: "..."
}
In my controller I have tried aws_key, config.aws_key, and others - but no luck. Is there a main app namespace that I can use to scope into the properties exported by local.js?
I am new to sails and I feel like this should be straight forward - any help would be appreciated.
Solution found. Step 3 was where I was having trouble.
tl;dr
What I didn't realize was that the module.exports.thing makes the thing object available through sails.config.thing. Good to know.
1) I created a new file at config/aws.js with the contents
// Get heroku config values
module.exports.aws = {
key: process.env.AWS_KEY,
secret: process.env.AWS_SECRET
}
2) In local.js put the actual AWS creds (this won't end up in the repository since sails automatically ignores local.js using gitignore).
aws: {
key: actual-key,
secret: actual-secret
}
This allows for local testing where we don't have access to the heroku config settings, while protecting these values from being exposed in a github repo.
3) Now, to access in the controller:
var aws_config = sails.config.aws;
AWS.config.update({
accessKeyId: aws_config.key,
secretAccessKey: aws_config.secret
});

Categories