search

CDLUC3 / dmsp_frontend_prototype

Repo to test out new NextJS framework
MIT License
0 stars 0 forks source link

Add use of AWS Secrets Manager to NextJS app in order to get JWT Secret #62

Open jupiter007 opened 3 months ago

jupiter007 commented 3 months ago

We need a secure way to access the JWT Secret between the NextJS app and the backend NodeJS Express server. The best option appears to be AWS Secrets Manager. It is very secure, and allows us to rotate out the secret.

The frontend implementation will most likely be done using the aws-sdk package.

Example:

const AWS = require('aws-sdk');

const getSecret = async (secretName) => {
    const client = new AWS.SecretsManager({
        region: 'us-west-2'
    });
    const data = await client.getSecretValue({SecretId: secretName}).promise();
jupiter007 commented 3 months ago

Blocked by this ticket: https://github.com/CDLUC3/dmsp_aws_prototype/issues/153