What is the best way to store database connection string in an electron app?

Question

I am developing an electron app that connects to a remote couchdb database using a connection string which contains the db's username and password, something like https://admin:admin@IP:PORT

But I do not wish to reveal the database credentials in the electron app due to security reasons, is there any way I can:

a) Either store the aforementioned db url in a secured way inside the electron app? b) or, create a nginx proxy at my server's end that will help connect my electron app using a proxy url without revealing the db username/password?

I also have some secret third party service keys (bugsnag key etc etc) in my electron app that I need to store securely, please suggest a way to do so.

PS: I am using electron-builder to package my app.

Thanks in advance

Answer 1

There is npm module that for storing the security information at Electron app. Please have a look at keytar module that developed by atom

But anyhow, after packing the app using Electron-builder then this encrypted data will be stored inside of your Electron app resource or somewhere. Such in asar package, Application Data or somewhere Else.(I'm not sure where it is since I've not attempted to find this data location.) Even though the data is encrypted but anyone can access this. You should use the right method to encrypt so.