Geek Answers Handbook

Where should I store my private keys for my Node.js application?

I really fight for how I should hide my keys.

The two keys I need to hide are secrets.crypto and secrets.jwt ... I plan to host my application on AWS using Elastic Beanstalk.

Also, I'm not sure where I would put my keys to access things like my Dynamodb and my S3 bucket.

exports.generateToken = (type, user) => { if (!_.isString(type)) { return undefined; } try { //Turn the json object of the current user id and the type of token into a string var stringData = JSON.stringify({ _id: user._id, type: type }); //Take the json string and encrypt it with a secret then turn it back into a string var encryptedData = cryptojs.AES.encrypt(stringData, secrets.crypto).toString(); //Take the encryptedData and turn it into a token with a secret var token = jwt.sign({ token: encryptedData }, secrets.jwt); return token; } catch(e) { return undefined; } };
+7
amazon-s3 amazon-web-services amazon-dynamodb elastic-beanstalk
source share
2 answers

In Elastic Beanstalk, I find that environment variables are the preferred way to store such keys. You can use the eb setenv key=value command to set the environment variable. Read more about it here .

To access the AWS API, which you mention regarding access to DynamoDB and S3, you won’t use any keys at all. To do this, you must assign an IAM instance profile to EC2 servers created by Elastic Beanstalk. This is described here .

+5
source share

Create a configuration file for all envoirments, such as developing, creating and adding all init private keys and using them anywhere.

 config.json file { "development": { "Secret1": "Your Secret Here", "Secret2": "Your Secret Here", "db":{ //development database settings here } }, "production": { "Secret1": "Your Secret Here", "Secret2": "Your Secret Here", "db":{ //development database settings here } } } var config = require('./config.json'); config.Secret1;
-2
source share

More articles:


All Articles