azure express tedious

Is it safe to enter username and password in plain text in express.js?


I'm trying to connect to Azure SQL Server from Node.js and express.js. I'm going through this tutorial here which shows that we enter the username and password to the SQL server. Is this safe? After we deploy the app, express.js, which contains this information, also gets deployed to the web server (Azure). Would this then be visible to others?

Is there a better way to do this?


Solution

  • This tutorial is to help you understand how to connect to a SQL Server database. This is not intended to be used in production as is. A better option would be to put those in config settings or environment variables. Then reference the values in the code. That way you do not have your username and password hard coded into the code and can easily change the values between different environments (develop, production...).

    If you use environment variables, you would reference process.env.USERNAME and process.env.PASSWORD, for example.
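The approach in the answer above, as an added example that is not part of the original answer or the tutorial: it reads the connection settings from environment variables, refuses to start when one is missing, and builds a config object in the shape the tedious driver accepts. The variable names `SQL_SERVER`, `SQL_DATABASE`, `SQL_USERNAME` and `SQL_PASSWORD` and the helper names are assumptions chosen for this example.

```javascript
// Assumed variable names. Prefixed names are used because USERNAME is
// already set by the operating system on Windows (the logged-in user).
const REQUIRED = ['SQL_SERVER', 'SQL_DATABASE', 'SQL_USERNAME', 'SQL_PASSWORD'];

// Build a tedious-style connection config from the environment.
// Fails fast at startup so a missing secret never becomes an empty login.
function loadDbConfig(env = process.env) {
  const missing = REQUIRED.filter((k) => !env[k] || env[k].trim() === '');
  if (missing.length > 0) {
    // Report the names of missing settings only, never their values.
    throw new Error(`Missing required settings: ${missing.join(', ')}`);
  }
  return {
    server: env.SQL_SERVER,
    authentication: {
      type: 'default',
      options: { userName: env.SQL_USERNAME, password: env.SQL_PASSWORD },
    },
    options: { database: env.SQL_DATABASE, encrypt: true },
  };
}

// Copy of the config that is safe to write to logs.
function redactForLog(config) {
  return {
    server: config.server,
    database: config.options.database,
    userName: config.authentication.options.userName,
    password: '***',
  };
}

// Constructed sample values; in a deployment these come from process.env.
const sampleEnv = {
  SQL_SERVER: 'example.database.windows.net',
  SQL_DATABASE: 'appdb',
  SQL_USERNAME: 'app_user',
  SQL_PASSWORD: 'constructed-password',
};

const config = loadDbConfig(sampleEnv);
console.log(redactForLog(config));
// With tedious installed: new Connection(loadDbConfig())
```

On Azure App Service, values entered under the app's application settings are exposed to the Node.js process as environment variables, so the same code runs unchanged in development and production.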