avoid hardcoded password in config file

[wangsenyan]

Suggestion

Hi,is there any way to avoid hardcoded password in config file or datasource file ?

for example:

i set encrypted password in config file,

when loopback boot, it auto automatic decryption,

So even if my files are leaked, my password is still safe

thanks

[arnaud16571542]

One way to solve this problem is to transmit password through env variables. In that way, no password are stored in your code. Take at dotenvext npm.