Node.JS-Vault-Username-Password
A sample code for Node.JS Vault by Hashicorp involving Username and Password based Authentication. This ensures that all data is securely stored behind username-password based authentication.
In case a user, has no desire to store Secrets on the Vault, this code can also be used for User Authentication as well.
For further details regarding Password Based Auth, check out https://learn.hashicorp.com/vault/secrets-management/sm-static-secrets
This code also tries to ensure that One User cannot access data of another user present in the Vault.
Install with
npm i node-vault-user-pass
Sample Code
CONFIGURATION
// process.env.DEBUG = 'node-vault'; // switch on debug modeconst VaultAccess = ;
Initialize
const Vault = Authority: "create" "read" "update" "delete" "list" "sudo" Path: "path" Policy: "auth_policy" EndPoint: "http://localhost:8200" UserName: "username" SecretMountPoint: "secret_zone" // Either Set this in Command Line as an Environment Variable // Use set VAULT_TOKEN or export VAULT_TOKEN depending // upon your OS // Or Provide it as String Here // This must be a Root Token // Or a token with substantial access Token: StringprocessenvVAULT_TOKEN // Yet to be Implemented CertificateMountPoint: "certificate";
RUNNING
{ // In Order to run Setup, the user needs Root Token await Vault; await Vault; console; await Vault; console; const value = foo: "3" bar: "4" ; await Vault; console; const val = await Vault; console; // Unmount is an admin action // As such, the user needs Root Token // Or At least access to /sys/mount provided await Vault;} ;
Reason for Creation
- To Ensure Secured Access to data
- To Ensure Secured Storage of Data
- This Project was mostly born out of a linkage with A Blockchain Based project where we needed to store Public and Private Keys in a secure manner
TODO
DEPENDENCIES
- node-vault Library for API Calls to Vault
RUNNING Vault
You can run Vault via Docker. I have created a simple script to run Vault with Docker.
Contact Us
You could contact me via LinkedIn You could file issues or add features via Pull Requests on GitHub