2

I've recently begun developing with NodeJS and ElectronJS to create some pretty nifty cross platform software. I want to take it a step further and integrate some database functionality.

While I'm aware that there are mysql packages available to install, I cringe at the idea that anybody can just unpack my asar.app file and see all of the connection details, including username, password, database name, table name, and other sensitive content that you really don't want to expose to people clever enough to break into your app's source code.

I've tried searching extensively on solutions to this problem, which I was surprised to find very little about. How do WhatsApp and Slack secure connections to their database if they were also built with ElectronJS?

Any and all resources are greatly appreciated. I basically want to be able to connect to a production server SQL database in an ElectronJS app without leaving some security backdoor to anybody who cracks the ASAR file.

Thank you!!

HarrisonCreates
  • 33
  • 7
  • the solution is always the same use a server side language like php python ... and use http to communicate tith the webserver and the webserver connects to the database. – nbk Apr 11 '20 at 21:17
  • create a webback end using Nodejs(express etc) or php framework, then create api end points and communicate your app with server over http . then backend can process the request and communicate with db and reply back. – namila007 Apr 12 '20 at 20:46
  • Amazing, you are both the best!! @namila007 thank you for the detailed explanation! Are there any video tutorials that you know of that showcase this process? – HarrisonCreates Apr 13 '20 at 02:35
  • I will add an answer – namila007 Apr 13 '20 at 10:40

1 Answers1

1

For this scenario, I suggest you to use a RESTful web service architecture. Basically you need 3 component, RESTful web back end, client application(your electron) and the database service( see the following image ; source:phppot.com) .For this I suggest you to use nodeJS backend and create a webservice using expressJS . You can define Restful (GET, POST,UPDATE, DELETE) API for each services. For ex: To get some data from your db, you can send a GET request to the following path <yourdomain>:<port>/api/v1/getyoursomthin using your electron app. Your express app process the request and get the relevant data from the data from the database (Tutorial). So your app can get the respond from the server and display to the user. I will add link to some tutorials. You can find and learn more by google :)

image1 | source: phppot.com( source:phppot.com)

namila007
  • 1,044
  • 9
  • 26
  • You're the best!! Thank you so much for explaining this all, it makes so much more sense now! I've accepted this post as the answer, thank you so much! – HarrisonCreates Apr 13 '20 at 17:05
  • no problem :) first learn the basic architecture and then move to technical side – namila007 Apr 13 '20 at 22:03