I am creating admin credentials for my app, the model is quite simple, it has username and password properties and some validation as well. I have a function where I populate some information to the db.
async function init() {
const admin = new Admin({
username: "admin",
password: "12345"
});
const salt = await bcrypt.genSalt(10);
admin.password = await bcrypt.hash(admin.password, salt);
try {
await admin.save({ username: admin.username });
} catch (ex) {
console.log(ex.message);
}
}
However, with this approach I am saving the password in my source code and I don’t want that. I was thinking that maybe I could store my admin password in an environment variable using the config package.
I tried the following:
- Created a default.json file:
{
"adminPassword": ""
}
- Created a custom-environment-variables.json file:
{
"adminPassword": "fifteen_adminPassword"
}
- Then:
const admin = new Admin({
username: "admin",
password: config.get("adminPassword")
});
Finally I set the env variable export fifteen_adminPassword=12345 but this fails when I’m authenticating with invalid password.