Prompt for username & password if missing from connection string

[mmalik76]

Right now the app assumes Integrated Security for MS SQL unless the ConnectionString is set. If you are not using Integrated Security you have to specify the username and password in the connection string, which if you are checking your bat files into source control, for example, could be a problem.

I was thinking one option would be if a ConnectionString is provided and the username or password tokens are provided but blank then prompt the user for the missing values. Another option would be to add a config option for Username, which if set the app would then prompt the user for a password.

[BiggerNoise]

I certainly understand the issue, but why not have your batch file do the prompting?

Reading the docs on SET it looks like SET /P will do a prompt in the batch file. We use javascript for similar ends and wrote the prompt into the javascript file so that when it execs RH, it has the password.

[mmalik76]

I will be honest that is not something I had thought about, but it would mean a user couldn't take advantage of using an external json config file, at least not for connection info, and would have to add more logic into each batch file.

[mmalik76]

I was doing some testing of prompting for the password in the batch file using the SET command, and it works, but the password is displayed in plain text unlike when using the InteractivePrompt.get_password() method. I found a post on Stackoverflow with an example of how to use powershell to solve this problem within a batch script or by switching to using powershell. However, in some cases this is not always and option.

[BiggerNoise]

This idea is analogous to what sqlcmd does, so I'm warming up to it. Outside of batch files, it also has the advantage of keeping your passwords out of your command line history.

I would like to sit on it for a bit until we can get some of the other big items off the plate. I'd really like to hear some more voices on this also.

In the meantime, I would definitely support the idea of being able to pass the password flag in conjunction with using a JSON file for the rest of configuration. I don't know that this doesn't already work, but that seems like a very good way to get 90% of what we're looking for.

If you wouldn't mind checking that flags override the JSON file and writing a separate issue if they don't that would be great. If we can do that much, I think that we can make the amount of logic needed in a bat file pretty minimal.

[BiggerNoise]

Just saw your other comment. Blech.

Let me dig into the code a bit and see if this is something that can be accomplished without too much pain.

[mmalik76]

I was able to confirm that the command line flags override what is in the JSON file

[BiggerNoise]

@mmalik76 - Thank you for confirming that. This is a good idea. There's a lot going on at the moment, but I think I would like to add this. It will probably be a while before I can really dig in though

[mmalik76]

I'm happy to help out however I can, so just let me know. I'm just not sure what the best approach is to address this.