npm
Sign UpSign In

node-vault-user-pass
TypeScript icon, indicating that this package has built-in type declarations

0.0.8 • Public • Published

Node.JS-Vault-Username-Password

A sample code for Node.JS Vault by Hashicorp involving Username and Password based Authentication. This ensures that all data is securely stored behind username-password based authentication.

In case a user, has no desire to store Secrets on the Vault, this code can also be used for User Authentication as well.

For further details regarding Password Based Auth, check out https://learn.hashicorp.com/vault/secrets-management/sm-static-secrets

This code also tries to ensure that One User cannot access data of another user present in the Vault.

Install with npm i node-vault-user-pass

Sample Code

CONFIGURATION

// process.env.DEBUG = 'node-vault'; // switch on debug mode
const { VaultAccess } = require("node-vault-user-pass");

Initialize

const Vault = new VaultAccess({
  Authority: ["create", "read", "update", "delete", "list", "sudo"],
  Path: "path",
  Policy: "auth_policy",
  EndPoint: "http://localhost:8200",
  UserName: "username",
  SecretMountPoint: "secret_zone",
  // Either Set this in Command Line as an Environment Variable
  // Use set VAULT_TOKEN or export VAULT_TOKEN depending
  // upon your OS
  // Or Provide it as String Here
  // This must be a Root Token
  // Or a token with substantial access
  Token: String(process.env.VAULT_TOKEN),
  // Yet to be Implemented
  CertificateMountPoint: "certificate"
});

RUNNING

async function run() {
  // In Order to run Setup, the user needs Root Token
  await Vault.Setup();
  await Vault.SignUp("password" /*'username'*/);
  console.log("Sign Up Successfull");
  await Vault.SignIn("password" /*'username'*/);
  console.log("Sign In Successfull");
 
  const value = {
    foo: "3",
    bar: "4"
  };
  await Vault.Write("key", value);
  console.log("Wrote Value", value, "successfully");
  const val = await Vault.Read("key");
  console.log("Read value is ", val);
 
  // Unmount is an admin action
  // As such, the user needs Root Token
  // Or At least access to /sys/mount provided
  await Vault.Unmount();
}
 
run().then(() => {
  console.log("done");
});

Reason for Creation

  1. To Ensure Secured Access to data
  2. To Ensure Secured Storage of Data
  3. This Project was mostly born out of a linkage with A Blockchain Based project where we needed to store Public and Private Keys in a secure manner

TODO

  1. Add Support for Certificates

DEPENDENCIES

  1. node-vault Library for API Calls to Vault

RUNNING Vault

You can run Vault via Docker. I have created a simple script to run Vault with Docker.

Contact Us

You could contact me via LinkedIn You could file issues or add features via Pull Requests on GitHub

Readme

Keywords

Package Sidebar

Install

npm i node-vault-user-pass

Repository

github.com/pratikpc/Node.JS-Vault-Username-Password

Homepage

github.com/pratikpc/Node.JS-Vault-Username-Password#readme

Weekly Downloads

1

Version

0.0.8

License

MIT

Unpacked Size

26 kB

Total Files

6

Last publish

Collaborators

  • pratikpc
Try on RunKit
Report malware