安全地存储密码的nodemailer

本文介绍了安全地存储密码的nodemailer的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我有一个使用 nodemailer 发送邮件的应用.

I have an app that sends mail using nodemailer.

transporter = nodemailer.createTransport({ service: 'Gmail', auth: { user: "email", pass: "what here?" } });

我只是想让应用保持开源状态(只是不想让纯文本密码基本上存在于任何地方).

I want to keep the app open source, just for the heck of it (along with not wanting a plain text password to exist basically anywhere).

我知道nodemailler-direct，但是这里有更好的选择吗?我还考虑过提示服务器控制台输入密码，但这也很麻烦.

I know of nodemailler-direct, but is there a better option here? I also thought about prompting the server console for password, but that's clunky as well.

是否有正确"或标准的方式来做这种事情?

Is there a "correct" or standard way to do such a thing?

推荐答案

使用环境变量:

transporter = nodemailer.createTransport({ service: process.env.NODEMAILER_SERVICE, auth: { user: process.env.NODEMAILER_USER, pass: process.env.NODEMAILER_PASS } });

您可以在服务器上设置这些变量，应用程序将对其进行提取.例如:

You can set these variables on the server and the application will pick them up. For example:

NODEMAILER_SERVICE="Gmail"