I'm trying to connect to postgres via node using the md5 authentication method.
My pg_hba_conf file looks like this:
"local" is for Unix domain socket connections only
local all all md5
IPv4 local connections:
host all all 127.0.0.1/32 md5
IPv6 local connections:
host all all ::1/128 md5
I can connect to the database via psql without any problems, but my question is how do you create the connection string within node to connect to postgres when via md5? If I change the pg_hba.conf to use 'password' as the authentication method, then I can connect to the database with the following:
let connectionString = postgres://user:password#localhost:5432/database';
I had thought that I could md5hash my password within the connectionString e.g:
let password = crypto.createHash('md5').update(my_password).digest('hex');
let connectionString = 'postgres://user:' + password + '#localhost:5432/database';
But this didn't work :-(
Can someone point me in the right direction as to how you access postgres via Node using md5 authentication?
Cheers
Use:
let connectionString = 'postgres://user:' + my_password + '#localhost:5432/database';
Documentation says:
var client = new Client('postgres://brian:mypassword#localhost:5432/dev');
It doesn't mention md5 at all. It's database driver job to encode and send properly encoded password.
Related
I have the following problem. I created a PostgreSQL user app with this statement:
CREATE USER app WITH ENCRYPTED PASSWORD 'qwerty';
Then I gave it some privileges in my database bazy.
Then I access a database by authenticating as this user and using pg module like this:
const { Pool } = require('pg');
(async function() {
let pool = new Pool({
user: "app",
host: 'localhost',
database: "bazy",
password: "BS",
port: 5432
});
let client = await pool.connect();
let { rows } = await client.query("SELECT 'I love you';");
console.log(rows);
})();
The problem is that this works and gives this output:
[ { '?column?': 'I love you' } ]
But this should not work, for the password of the user is qwerty, not BS. And the thing is that any password works here.
What have I done wrong?
[EDIT]
The answer of #mike.k is 100% helpful.
The not commented (almost) part of pg_hba.conf file, which we can find following these instructions, looks like this:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
We can see here that we do not require password in any type of connections listed here, for method trust means that in order to connect to those users we are not required any password (it is ignored obviously), in order to change that we can use method password or md5 or scram-sha-256 instead, as is said in pg_hba.conf file:
# Note that "password" sends passwords in clear text; "md5" or
# "scram-sha-256" are preferred since they send encrypted passwords.
To be honest, I don't know where exactly I should change it, though. ¯\_(ツ)_/¯. So I changed all of them (of the methods to password) and it worked :) It requires passwords now.
Check your pg_hba.conf content, it might be configured to not require a password for localhost connections.
Try using the local IP address and you might see that it behaves differently. Or try connecting from another system on the same network.
I am working to develop a server with Node.js to request a postgreSQL database. My problem is, that I can't connect (with my local computer, using wifi connection, not ethernet) to this server, and also to the postgreSQL.
I have an username and a password to connect to the server, and also an another username and password to connect the database.
How can to connect both of those, and get the information I want from the postgreSQL database? Can I connect to this server with command bash like ssh but in node.js?
I did something like this:
var ssh = new SSH({
host: 'hostname',
user: 'user',
pass: 'password'
});
or something like this:
var connectionString = 'postgres://user:password#database:port';
I have another problem, my teacher give me a password containing a #, and I think this will make some problems when I have to put my password:
postgres://user:pass**#**word#database:port
How to bypass this password problem?
you need to pass ip address of machine where database resides in place of hostname.
I am learning NodeJS by building a JWT server. Basically I want to authorize users against credentials in a PostgreSQL database. I am considering node-postgres, passport, pg to connect with PostgreSQL but I have not found anyway to store my connection values encrypted. Ideally I would store them in a properties file so I can change them per environment.
Most examples I see do something like:
var pg = require('pg');
var conString = "postgres://YourUserName:YourPassword#localhost:5432/YourDatabase";
Can someone help show me how to encrypt and use my credentials so I don't have to hard code the plain values in my source?
There seem to exist npm packages for this already. See https://www.npmjs.com/package/secure-conf. Seems to fulfill your needs.
Please note, that you should also secure your Connection to the DB using SSL. See SSL for PostgreSQL connection nodejs for a Solution.
This should help.
if you use sequelize to connect postgres
const sequelize = new Sequelize("DB", usrname, password, {
host: "/var/run/postgresql",
dialect: "postgres",
});
NB: get the host string from your pgsl db might be different //
I have a NodeJS Express app that uses Mongoose for MongoDB. I'm confused as to how to connect it to the OpenShift database. For development, I'm connecting to a local database, which works fine. Here's what I have:
//====== MONGODB SETUP ======
mongo_url = process.env.OPENSHIFT_MONGODB_DB_HOST+":"+parseInt(process.env.OPENSHIFT_MONGODB_DB_PORT);
if(app.dev){
mongo_url = "mongodb://localhost:27017/my-db";
}
app.modules.mongoose.connect(mongo_url);
Any help would be great!
You need more than just host and port. You have to provide username and password.
A simpler way for it is to use:
mongo_url = process.env.OPENSHIFT_MONGODB_DB_URL;
OPENSHIFT_MONGODB_DB_URL has username and password too.
You have to provide username and password and the database name along with host and port.
So you can try appending OPENSHIFT_APP_NAME to the OPENSHIFT_MONGODB_DB_URL.
mongo_url = process.env.OPENSHIFT_MONGODB_DB_URL+process.env.OPENSHIFT_APP_NAME;
OPENSHIFT_MONGODB_DB_URL has the below format:
(e.g. mongodb://<username>:<password>#<hostname>:<port>/)
I am Using Nodejs with MySQL.
But problem is that My MYSQL Connection Password Able to see in browser, With this any user get my my SQL username and Password.
Is it possible no one can see my MySQL Connection permanent as its is a server side.
Can any one help me in this.
Do not send you password to client but store it in a variable inside your server-side script. On a request, use it to access database and send only the result of the operation.
If you show your code you might get a more detailed answer then this...
var connection = mysql.createConnection({
host : 'host',
user : 'dbuser',
password : "pword",
database : 'database',
});
connection.connect();
connection.query(etc etc etc)
for full example see mysql module in node.js not works in my case
or another way is to save the configuration and password details in either an env file or other file (or even sqlite db file and load it on startup/restart of your script