Git Product home page Git Product logo

Comments (5)

RobStallion avatar RobStallion commented on May 20, 2024 1

@monting I think that you are having this issue because of the double quotes you have used in your .env file...

export SOME_ENV_VAR="randomString"

should be...

export SOME_ENV_VAR=randomString

Try this out and let me know if this works for you.

To answer your question about the code to load the environment variables. I didn't write this tutorial/example but I think that it was added so that people do not have to remember to type source .env into their terminal every time that they add a variable. Reduces the chance of human error (and removes repetition)

from phoenix-ecto-encryption-example.

monting avatar monting commented on May 20, 2024

@RobStallion thanks for your response! Appreciate it.

It is indeed because I'm quoting my shell variable exports. I'd say this is accepted, even recommended practice, so there are readers that will encounter this. Quoting is safer - necessary if you have whitespaces, easier to see that there are no trailing whitespace,...

Furthermore, there's an instance here:
https://github.com/dwyl/phoenix-ecto-encryption-example/blob/master/.env_sample#L2

where the quotes are later getting stripped out here:

phoenix-ecto-encryption-example/config/config.exs

Lines 45 to 49 in 6d79f25

config :encryption, Encryption.AES,
keys: System.get_env("ENCRYPTION_KEYS") # get the ENCRYPTION_KEYS env variable
|> String.replace("'", "") # remove single-quotes around key list in .env
|> String.split(",") # split the CSV list of keys
|> Enum.map(fn key -> :base64.decode(key) end) # decode the key.

This makes quoting inconsistent in the .env file, and one would need to remember not to quote other variables.

I'd say that this is too much env var fiddling, for just being able to load env vars automatically, which is something that seems to be out of scope for the topic of this fantastic readme.

from phoenix-ecto-encryption-example.

nelsonic avatar nelsonic commented on May 20, 2024

@RobStallion thanks for responding, agreed. ✅
@monting the only reason for this was we couldn't figure out how to have multiple encryption keys ... which was a requirement our infosec person demanded when we were putting together this README.md (in case it wasn't clear, this was a spike we were doing to prove to a fintech co that it was possible to do transparent encryption...)
Indeed the single quotes are being removed in the pipeline.
We agree that this is not an ideal way of having multiple encryption keys.
But this example was not mean to be perfect just a "Proof of Concept".

If you have time to improve it, please create a PR. 👍

from phoenix-ecto-encryption-example.

monting avatar monting commented on May 20, 2024

@nelsonic thanks for the response, and your work on this has been a godsend 👏

I can see the reasoning behind the multiple encryption keys.
I was more arguing against the code that autoloads env variables in .env:

phoenix-ecto-encryption-example/config/config.exs

Lines 30 to 42 in 6d79f25

try do # wrap in "try do"
File.stream!("./.env") # in case .env file does not exist.
|> Stream.map(&String.trim_trailing/1) # remove excess whitespace
|> Enum.each(fn line -> line # loop through each line
|> String.replace("export ", "") # remove "export" from line
|> String.split("=", parts: 2) # split on *first* "=" (equals sign)
|> Enum.reduce(fn(value, key) -> # stackoverflow.com/q/33055834/1148249
System.put_env(key, value) # set each environment variable
end)
end)
rescue
_ -> IO.puts "no .env file found!"
end

Will send PR for improvement.

from phoenix-ecto-encryption-example.

nelsonic avatar nelsonic commented on May 20, 2024

@monting I figured that if I was going to split the encryption keys, I might as well write a tiny function to load all the environment variables from the .env file.
It's a rudimentary Elixir version of https://github.com/dwyl/env2 which we used everywhere.

from phoenix-ecto-encryption-example.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.