I’d like to store credentials (e.g. smtp password) outside database.
How can I pass credentials so that I can send mail? Maybe using plugings or something else?
The only place outside the DB that I can think of is a file. The process would be awkward and the data would be less secure than it would be in the DB, imo.
Can you explain why you want to do this?
I think your question is hard to understand, can you explain better what do you want to achieve?
Thank you for your answers guys!
the reason is simple, for security reason, a customer wants store credentials in HashiCorp Vault, Bitwarden Secrets Manager with Docker instead of database.
So all credentials will be saved in HashiCorp Vault for example and I will be able to access them through the php library.
Here is the example.
I want to send mail via mailgun but I want to store the password using the HashiCorp Vault service.
i.e., before initializing the modMail class, I need to override the mail_smtp_pass and mail_smtp_user settings for authorization on a remote server.
I tried to do it with a plugin (OnMODXInit event), but with this approach, the data is stored in the DB. How can this be done without storing the data in the database?
$setting = $modx->getObject('modSystemSetting', 'mail_smtp_user'); $setting->set('value', $_ENV['RB_SMTP_USER']); $setting->save(); $setting = $modx->getObject('modSystemSetting', 'mail_smtp_pass'); $setting->set('value', $_ENV['RB_SMTP_KEY']); $setting->save(); $modx->cacheManager->refresh(array('system_settings' => array()));
How do you intend to send the mails?
If you create your own code/snippet to send the mail (as described here), then you should be able to set the password there.
If you rely on existing code, then you probably have to create a plugin that gets the mail service and set the password there. But this only works, if the code that sends the mail uses the same service/class.
This seems to be the place in the MODX code where the smtp-password gets set:
The extra ClientConfig does something similar, so you could take a look at how it’s done there.
But AFAIK, all system settings are stored in the cache, so your password probably won’t be more secure, if you just change the system setting.
Thank you for the answer.
I will use memcache instead of file cache therefore it’s not possible to view the cache files or settings.
Sure I can develop dedicated snippet and use it for sending email, or send emails using mailgun api for example, but firstly, I’d like to resolve the issue using standard modx component (e.g. Formit, Register etc.).
Actually the issue is resolved.
I’ve checked ClientConfig and found out that they use $modx->setOption change the parameter values without adding any changes to the cache files of database.
You might want to take a look at the MailgunX class included in the Notify extra. It doesn’t handle the smtp settings, but you could modify it or use it as a base class and create a new class that does what you want.
This topic was automatically closed 2 days after discussion ended and a solution was marked. New replies are no longer allowed. You can open a new topic by clicking the link icon below the original post or solution and selecting “+ New Topic”.