Is this discreet enough?

Ask the community
,
1

Good day, looking for more advanced NodeJS users to offer insight if they think this code is discreet enough that none of the database information can be exposed to thirdparties.

This is the code I’m using (actual db variables obviously changed for the paste)
account_create.jsw :


const bcrypt = require('bcrypt');
const mysql = require('mysql');
const limit = 1000;
const host = 'host';
const user = 'user';
const pass = 'password';
const db = 'db';
var pool;

async function establishPool()
{
    pool = await mysql.createPool(
 {
        connectionLimit : limit,
        host            : host,
        user            : user,
        password        : pass,
        database        : db
 });
}

export async function tryToCreateAccount(login, password)
{ 
        const salt = await bcrypt.genSaltSync(10, 'a');
        const hash = await bcrypt.hashSync(password, salt);
        const values = await [[login, hash]];

        var accountCreated = await false;
        await establishPool();
        var nameAvailable = await checkAccountNameAvailable(login);

        if (nameAvailable)
        {
              accountCreated = await createAccount(values);
              await pool.end();
              return accountCreated;
        }
        else 
       {
              await pool.end();
              return accountCreated;
       }
}

function checkAccountNameAvailable(login)
{
 return new Promise((resolve, reject) => 
 {
        console.log("Checking Account name is available.");
        pool.getConnection(function (err, connection)
        {
            console.log("Connected");
            if(err) throw err;
            
            connection.query("SELECT login FROM accounts WHERE login = ?", login, function (err, result)
            {
                console.log("queried");
                if (err) reject();

                if(result.length > 0)
                {
                    console.log("Name NOT Available.");
                    resolve(false);
                }
                else
                {
                    console.log("Name Available.");
                    resolve(true);
                }
 
            });
       });
 });
}

function createAccount(values)
{
      return new Promise((resolve, reject) =>
      {
            console.log("Attempting to Create account.");
            pool.getConnection(function (err, connection)
            {
                  if(err) throw err;
                  console.log("Connected again.");

                  connection.query("INSERT INTO accounts (login, password) VALUES ?", [values], function (err, result)
                  {
                         console.log("Queried");
                         if (err) reject();

                         if(result.affectedRows > 0)
                         {
                               console.log("Insertion successful.");
                               resolve(true);
                         }
                         else
                         {
                               console.log("Insertion failed.");
                               resolve(false);
                         }
 
                  });
           });
      });
}