generator-sails-rest-api icon indicating copy to clipboard operation
generator-sails-rest-api copied to clipboard

Published 20 hours ago verified publisher icon ghaiklor

should move sensitive configs into local.js to prevent them from being in the repos

Open mikedevita opened this issue 8 years ago • 7 comments

I will be submitting another PR to resolve this if you like, basically in the api/services/* files you do something like this.. this can be applied for things like db name, user, host and password.

const _      = require('lodash')
const config = _.merge(require('../../config/services/mailer'), require('../../config/local'));

and create a config/local.js with something like this....

"use strict";

module.exports = {
  services: {
    cipher: {},
    hash: {},
    image: {},
    location: {},
    mailer: {},
    payment: {},
    pusher: {},
    sms: {},
    social: {},
    storage: {}
  }
}

mikedevita avatar Dec 14 '16 15:12 mikedevita

@mikedevita you can achieve the same behavior with default Sails setup. Just create config/local.js file and it overrides any properties you declare there. There is no needs for implementing such kind of features.

http://sailsjs.com/documentation/concepts/configuration/the-local-js-file

ghaiklor avatar Dec 14 '16 20:12 ghaiklor

Does it override or does it merge?

mikedevita avatar Dec 14 '16 21:12 mikedevita

@mikedevita it overrides and merges. If property exists, it will be overridden, otherwise it will be merged.

ghaiklor avatar Dec 15 '16 10:12 ghaiklor

@ghaiklor that idea wont work as is because you call const config = require('../../config/services/mailer'); independently and don't hook into sails.config.services.* so either there needs to be a change in the config to use sails.config.services or use merge like i suggested.

which if going the route of sails.config.services then i don't think it works out of box because sails isn't accessible in the services files as is. Some minor refactoring will need to be redone..

each service should module.exports and then be wrapped in a function..

module.exports = {
  jwt: function() {
    return cipher('jwt', sails.config.services.cipher.jwt)
  }
}

mikedevita avatar Dec 15 '16 13:12 mikedevita

@mikedevita yeah, I see, makes sense. It will be great to get rid of direct requiring of configuration files and use sails.config.

ghaiklor avatar Dec 15 '16 21:12 ghaiklor

Ill look into this and submit another PR..

mikedevita avatar Dec 15 '16 21:12 mikedevita

a bit of an update, by making the services functions you can then obtain access to sails.config

e.g;

api/services/CipherService.js

module.exports = {
  jwt: (config) => cipher('jwt', _.merge({}, sails.config.services.cipher.jwt, config))
}

doing this you can then change anywhere CipherService.jwt.encodeSync() to be CipherService.jwt().encodeSync() I am not sure how to modify the yo generators to include this new syntax though. So any help would be appreciated there.

mikedevita avatar May 16 '17 15:05 mikedevita