npm
Sign UpSign In

node-vault-user-pass
TypeScript icon, indicating that this package has built-in type declarations

0.0.8 • Public • Published

Node.JS-Vault-Username-Password

A sample code for Node.JS Vault by Hashicorp involving Username and Password based Authentication. This ensures that all data is securely stored behind username-password based authentication.

In case a user, has no desire to store Secrets on the Vault, this code can also be used for User Authentication as well.

For further details regarding Password Based Auth, check out https://learn.hashicorp.com/vault/secrets-management/sm-static-secrets

This code also tries to ensure that One User cannot access data of another user present in the Vault.

Install with npm i node-vault-user-pass

Sample Code

CONFIGURATION

// process.env.DEBUG = 'node-vault'; // switch on debug mode
const { VaultAccess } = require("node-vault-user-pass");

Initialize

const Vault = new VaultAccess({
  Authority: ["create", "read", "update", "delete", "list", "sudo"],
  Path: "path",
  Policy: "auth_policy",
  EndPoint: "http://localhost:8200",
  UserName: "username",
  SecretMountPoint: "secret_zone",
  // Either Set this in Command Line as an Environment Variable
  // Use set VAULT_TOKEN or export VAULT_TOKEN depending
  // upon your OS
  // Or Provide it as String Here
  // This must be a Root Token
  // Or a token with substantial access
  Token: String(process.env.VAULT_TOKEN),
  // Yet to be Implemented
  CertificateMountPoint: "certificate"
});

RUNNING

async function run() {
  // In Order to run Setup, the user needs Root Token
  await Vault.Setup();
  await Vault.SignUp("password" /*'username'*/);
  console.log("Sign Up Successfull");
  await Vault.SignIn("password" /*'username'*/);
  console.log("Sign In Successfull");
 
  const value = {
    foo: "3",
    bar: "4"
  };
  await Vault.Write("key", value);
  console.log("Wrote Value", value, "successfully");
  const val = await Vault.Read("key");
  console.log("Read value is ", val);
 
  // Unmount is an admin action
  // As such, the user needs Root Token
  // Or At least access to /sys/mount provided
  await Vault.Unmount();
}
 
run().then(() => {
  console.log("done");
});

Reason for Creation

  1. To Ensure Secured Access to data
  2. To Ensure Secured Storage of Data
  3. This Project was mostly born out of a linkage with A Blockchain Based project where we needed to store Public and Private Keys in a secure manner

TODO

  1. Add Support for Certificates

DEPENDENCIES

  1. node-vault Library for API Calls to Vault

RUNNING Vault

You can run Vault via Docker. I have created a simple script to run Vault with Docker.

Contact Us

You could contact me via LinkedIn You could file issues or add features via Pull Requests on GitHub

/node-vault-user-pass/

    Package Sidebar

    Install

    npm i node-vault-user-pass

    Repository

    github.com/pratikpc/Node.JS-Vault-Username-Password

    Homepage

    github.com/pratikpc/Node.JS-Vault-Username-Password#readme

    Weekly Downloads

    12

    Version

    0.0.8

    License

    MIT

    Unpacked Size

    26 kB

    Total Files

    6

    Last publish

    Collaborators

    • pratikpc
    Try on RunKit
    Report malware