npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

strapi-keys

v1.2.4

Published

Automatic management of keys in .env file

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

ululabululab

Keywords

strapi-keysstrapienvenvironmentkeyshelpercryptorandomnodesecurity

Readme

npm version

$ npm run strapi-keys -- --refresh

key-v2

This is a great and convenient way to generate random base64 cryptographic keys.

This approach is generally secure, as the Node.js cryptographic module is designed to provide secure encryption capabilities.

It uses the crypto module of Node.js, which in turn can depend on specific implementations of the operating system, reliable for generating randomness.

openssl rand -base64 32 uses an operating system random number generator, which is often highly reliable at generating randomness.

Strapi openssl

Install with npm:

npm i strapi-keys

Start to generate keys:

⏳Generating a default .env file complete with variables, in the absence of .env or .env.example files

npm run strapi-keys -- --generate
############################
## BEFORE 
############################
API_TOKEN_SALT=
ADMIN_JWT_SECRET=
TRANSFER_TOKEN_SALT=
JWT_SECRET=
APP_KEYS=

############################
## AFTER
############################
APP_KEYS=KHeNRq3Oj1/9wcjYvgFv+b6+Pw==,WMe01U/lJ5uPqQSdpvTESZLFDA==,+jiQgyUIWjGlyebkCZnRxKAD5A==,W/5ZcNElldr8MmyyTSqevgYqJg==
API_TOKEN_SALT=28LCPMgoHb/g3Dc5oIYwGo54WGDSknbQzuDZjPmmhA==
ADMIN_JWT_SECRET=7dLaf0Aaw0mGUTrSPQSnj/tK9VdMSxPxhUxfIb36SA==
TRANSFER_TOKEN_SALT=PgmIoztGd+V39JhTttjZ918T5znZpsuzfaEh5AemCA==
JWT_SECRET=mH1Jnu9dGc+jShpKJPI399h4cVV0TyAjhos+6sUaeA==

List command options:

npm run strapi-keys -- --help

Usage: npm run strapi-keys -- [options]

Options:

  • --help : List all available commands (default option)
  • --refresh : Forcefully overwrite all keys
  • --generate : Generate keys where missing
  • --clear : Clear values of keys
  • --dryrun : Print involved variables based on the launched command
    example:
     npm run strapi-keys -- --dryrun --refresh
  • --print : Print newly generated variables to the console
  • --status : Print the status of keys: check the correct encoding of the key
  • --rand : Print a single crypto key in base64

Options with values:

  • --exclude= : Exclude certain keys from the changes operations
    example:
    npm run strapi-keys -- --refresh --exclude=JWT_SECRET
  • --only= : Include only certain keys in changes operations

Separate multiple values with a comma (,)

--status

npm run strapi-keys -- --status

image

Settings (automatic)

After installation, the "strapi-keys" command is automatically added to the "scripts" field in the Strapi package.json file:

{
  "scripts": {
    "strapi-keys": "strapi-keys"
  }
}

or run the command directly:

node node_modules/strapi-keys

Comand scheduled

./config/cron-tasks.js

module.exports = {

  refreshKeysEnv: {
    task: ({ strapi }) => {
      const keysExec = require('strapi-keys/core/exec');
      keysExec('--refresh --exclude=JWT_SECRET')
    },
    options: {
      rule: "0 0 1 */2 * *",
    },
  },

};

./config/server.js

const cronTask = require("./cron-tasks")

module.exports = ({ env }) => ({
  cron: {
    enabled: env.bool('CRON_ENABLED', false),
    tasks: cronTask,
  }
});

Set the variable in the .env file

CRON_ENABLED=true

References

This functionality is supported and documented in:

Advantages

Run npm install strapi-keys for:

  • ⏳ Save time on setting up your strapi apps (.env and .env.example files)
  • 🛠 Automate key creation and management
  • 🔑 Safe and ready-to-use keys

🎳Good work!🚀