Introduction
This example shows how to store a password securely in a configuration file. To do this we encrypt the password and save it to the configuration file, and then we load and decrypt it at runtime when it is needed.
This method is much more secure than storing a password (as plain text) in the Lua code of a Translator instance since it stops the information going into GIT source control.
If you have any questions please contact us at support@interfaceware.com.
Using the Code [top]
- Import the Encrypt Password in File channel from the Builtin: Iguana Files repository
- Experiment with the code to find out how it works
- Then add the module to your Translator project
- Copy the require statement from the channel and add it at the top of your script
Note: This module uses require to return a table
- Adapt the code to your own requirements
- Load the password using config.load{}
- For security choose your own configuration file name and encryption key, do not use the ones shown on this page
- For efficiency call the module outside of the main() function, to avoid the overhead of loading a file each time a message is processed
- One-off code: The last line in
main()is a single line of “one-off” code that is used to encrypt the password:- Execute this code once inside the Editor to encrypt the password
Note: You will need to run it again (once inside the editor) whenever the password changes - This line uses
config.save{}to save the encrypted password in the configuration file - Steps to encrypt and save a password:
- Enter the real password you want to encrypt, by modifying the
passwordparameter of theconfig.save{}function - Uncomment the line of code so it runs to encrypts and saves the password
- Comment out the line of code, then replace the real password with a fake
Note: If don’t comment the line first then the fake password will be encrypted - Check the
config.load{}test code is returning the correct password - Warning: Be careful to never save a commit that includes a real password
- Enter the real password you want to encrypt, by modifying the
- Execute this code once inside the Editor to encrypt the password
- Interactive scripting help is included for this module
This is the github code for the main module:
How it works [top]
- Production: There only one line of code that runs in production:
- This line uses
config.load{}to load the password from the configuration file - This line is run outside of the
main()function to avoid the overhead of loading a file for each message processed
- This line uses
- Editor: There are several lines of test code for demonstration purposes:
- First we use
iguana.isTest()to ensure the code only runs in the Editor - Then we find and display the Iguana working directory, using the
iguana.workingDir()function - Finally we load and display the decrypted password to confirm that it is correct, using the
config.load{}function
- First we use
- One-off code: The last line in
main()is “one-off” code that is used to encrypt and save the password:- This line uses
config.save{}to save the encrypted password in the configuration file
Note: This line should remain commented out at all times, except when you need to encrypt a password within the Editor
- This line uses
More information [top]
- Source code for the main module on github
- Source code for the encrypt.password.lua module on github
- API documentation for iguana