npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

client-creds

v1.0.1

Published

A library for storing FTP credentials with secure, encrypted passwords.

Downloads

5

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

danny.beyrerdanny.beyrer

Keywords

Readme

client-creds

Simple Node.js application using MongoDB to store and query FTP/WebDAV credentials with encrypted passwords.

Build Status

Installation and Configuration

npm install client-creds

After running npm install, a .env file (or your existing .env file) will be populated with MONGO_URI and CRYPTO_KEY. CRYPTO_KEY is a random 32 character string generated via the Node crypto module. You may replace it with your own random 32 character string. These environment variables must be present in your deployed application in order to use this module. Also, your CRYPTO_KEY value must be identical across environments in order to decrypt credentials across environments.

Documentation

There are two accessible methods in the module right now.

addCredentialAndGetIV(ftpObject)

addCredentialAndGetIV(ftpObject) - This method stores an encrypted Credential object in a MongoDB instance and returns passIV. passIV is a key generated each time you call addCredentialAndGetIV(ftpObject) to store a set of FTP credentials. It, along with your application-level CRYPTO_KEY, will be used for encryption and decryption. encryptedPass is the resulting encrypted password for your set of FTP credentials.

ftpObject (method parameter):

  {
    host: "exchange-test.si.net",
    port: 4321,
    username: "test-client",
    pass: "test-password",
    path: "/"
  }

Credential object (stored in MongoDB):

  {
    host: "exchange-test.si.net",
    port: 4321,
    username: "test-client",
    encryptedPass: "dcc0887374e5ff18ed3c36de4d99e10b",
    passIV: "14d89b043c89fb38",
    path: "/"
  }

It is suggested to store passIV on an associated object in your application so it may be used for decryption later.

decryptCredsFromIV(passIV)

decryptCredsFromIV(passIV) - expects a passIV from a set of encrypted FTP credentials generated with addCredentialAndGetIV(ftpObject) and returns a decrypted set of FTP credentials in the format of the ftpObject shown above. It is not recommended to pass these credentials over a query string or as a parameter in a HTTP request. Only use them to connect to the associated FTP server.

Example

const clientcredentials = require('clientcredentials');

// Expected object from form input
let ftpObject = {
  host: "exchange-test.si.net",
  port: 4321,
  username: "test-client",
  pass: "test-password",
  path: "/"
};

async function processClientRegistration(clientRegistrationObject, ftpObject) {
  let await passIV = clientcredentials.addCredentialAndGetIV(ftpObject);

  //sudo code
  let await clientModel = ProcessClientRegistrationObject(clientRegistrationObject);
  clientModel.passIV = passIV;
  await clientModel.save();
}

async function connectToFTPWithClientModel(clientModel) {
  let passIV = clientModel.passIV;

  let ftpObject = await clientcredentials.decryptCredsFromIV(passIV);

  //sudo code
  authenticateFTPCredentials(ftpObject).then((result) => {
    doAThing();
  });
}