Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/danini-the-panini/rails_webpack_credentials
Experiment using a custom loader to inject rails credentials into JS
https://github.com/danini-the-panini/rails_webpack_credentials
Last synced: 15 days ago
JSON representation
Experiment using a custom loader to inject rails credentials into JS
- Host: GitHub
- URL: https://github.com/danini-the-panini/rails_webpack_credentials
- Owner: danini-the-panini
- Created: 2020-06-30T23:02:21.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-01-19T19:40:36.000Z (almost 2 years ago)
- Last Synced: 2023-06-11T05:35:18.038Z (over 1 year ago)
- Language: Ruby
- Size: 1.33 MB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 29
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
Been having problems using [`rails-erb-loader`](https://github.com/usabilityhub/rails-erb-loader) in practice. Since all I'm really using it for is injecting credentials into JS, I figured I'd just write a loader that just does that. It should be faster as well since it doesn't have to spin up a Rails environment for every file that needs it.
The secret sauce is in the [webpack loader](config/webpack/loaders/credentials/loader.js). It decrypts the credentials file using node's decipher, and just uses a plain-old-ruby process just to deserialise the decrypted file, since it's a marshalled string. Then, it just regexes a magic string in each JS file and replaces that with the value from the credentials, e.g.
```javascript
const API_KEY = $$RailsCredentials.some_api_key;
``````yaml
# credentials.yml
some_api_key: XXX-00000-YYY
```becomes:
```javascript
const API_KEY = "XXX-00000-YYY";
```Usage can be seen in [application.js](app/javascript/packs/application.js#L18-L19). It supports nested keys, and it just JSON stringifies whatever you ask for, so if you get an object back you'll get an object.
NOTE: I still haven't added support for different credentials environments yet. But it should be as simple as reading `RAILS_ENV` and searching for the file if it exists.
CAVEAT: Just be careful not to accidentally leak secrets into the JS that you don't want to!!