@marcelo-ochoa/server-postgres 0.6.2 → 0.6.3

package/README.md

@@ -21,7 +21,10 @@ A Model Context Protocol server that provides read-only access to PostgreSQL dat
 
 - **pg-connect**
   - Connect to a PostgreSQL database
-  - Input: `connectionString` (string): The PostgreSQL connection string (e.g. postgresql://user:password@host:port/dbname)
+  - Inputs:
+    - `connectionString` (string): The PostgreSQL connection string without credentials (e.g. postgresql://host:port/dbname or host:port/dbname)
+    - `user` (string): The PostgreSQL username
+    - `password` (string): The PostgreSQL password
 
 - **pg-awr**
   - Generate a PostgreSQL performance report similar to Oracle AWR. Includes database statistics, top queries (requires pg_stat_statements extension), table/index statistics, connection info, and optimization recommendations.
@@ -35,16 +38,45 @@ The server provides schema information for each table in the database:
   - Includes column names and data types
   - Automatically discovered from database metadata
 
+## Change Log
+
+### 2025-11-22
+- **feat**: Implement secure PostgreSQL authentication via environment variables and update tool descriptions
+  - Added `PG_USER` and `PG_PASSWORD` environment variables for secure credential management
+  - Updated `pg-connect` tool to accept explicit user/password arguments
+  - Enhanced tool descriptions for better clarity and documentation
+
+### 2025-11-20
+- **feat**: Add initial Postgres server implementation, integrate ModelContextProtocol SDK, and update Oracle tools
+  - Complete refactoring of PostgreSQL MCP server
+  - Modularized code structure with separate tool handlers
+  - Implemented `pg-stats`, `pg-connect`, `pg-explain`, and `pg-awr` tools
+  - Renamed query tool to `pg-query` to avoid naming collisions
+  - Added Docker image build support for postgres service
+
 ## Configuration
 
+### Authentication
+
+The PostgreSQL server uses environment variables for secure credential management:
+
+- **`PG_USER`**: PostgreSQL username (required)
+- **`PG_PASSWORD`**: PostgreSQL password (required)
+
+The connection string should contain only the host, port, and database information (without embedded credentials).
+
+**Supported connection string formats:**
+- `postgresql://host:port/dbname`
+- `host:port/dbname`
+
 ### Usage with Claude Desktop
 
 To use this server with the Claude Desktop app, add the following configuration to the "mcpServers" section of your `claude_desktop_config.json`:
 
 ### Docker
 
-* when running docker on macos, use host.docker.internal if the server is running on the host network (eg localhost)
-* username/password can be added to the postgresql url with `postgresql://user:password@host:port/db-name`
+* When running Docker on macOS, use `host.docker.internal` if the PostgreSQL server is running on the host network (e.g., localhost)
+* Credentials are passed via environment variables `PG_USER` and `PG_PASSWORD`
 
 ```json
 {
@@ -54,9 +86,12 @@ To use this server with the Claude Desktop app, add the following configuration
       "args": [
         "run", 
         "-i", 
-        "--rm", 
+        "--rm",
+        "-e", "PG_USER=myuser",
+        "-e", "PG_PASSWORD=mypassword",
         "mochoa/mcp-postgres", 
-        "postgresql://host.docker.internal:5432/mydb"]
+        "postgresql://host.docker.internal:5432/mydb"
+      ]
     }
   }
 }
@@ -72,8 +107,12 @@ To use this server with the Claude Desktop app, add the following configuration
       "args": [
         "-y",
         "@marcelo-ochoa/server-postgres",
-        "postgresql://localhost/mydb"
-      ]
+        "postgresql://localhost:5432/mydb"
+      ],
+      "env": {
+        "PG_USER": "myuser",
+        "PG_PASSWORD": "mypassword"
+      }
     }
   }
 }
@@ -81,6 +120,11 @@ To use this server with the Claude Desktop app, add the following configuration
 
 Replace `/mydb` with your database name.
 
+**Note**: Replace the following placeholders with your actual values:
+- `myuser` and `mypassword` with your PostgreSQL credentials
+- `localhost:5432` with your PostgreSQL server host and port
+- `mydb` with your database name
+
 ### Usage with VS Code
 
 For quick installation, use one of the one-click install buttons below...
@@ -106,7 +150,18 @@ Optionally, you can add it to a file called `.vscode/mcp.json` in your workspace
       {
         "type": "promptString",
         "id": "pg_url",
-        "description": "PostgreSQL URL (e.g. postgresql://user:pass@host.docker.internal:5432/mydb)"
+        "description": "PostgreSQL URL (e.g. postgresql://host.docker.internal:5432/mydb)"
+      },
+      {
+        "type": "promptString",
+        "id": "pg_user",
+        "description": "PostgreSQL username"
+      },
+      {
+        "type": "promptString",
+        "id": "pg_password",
+        "description": "PostgreSQL password",
+        "password": true
       }
     ],
     "servers": {
@@ -116,6 +171,8 @@ Optionally, you can add it to a file called `.vscode/mcp.json` in your workspace
           "run",
           "-i",
           "--rm",
+          "-e", "PG_USER=${input:pg_user}",
+          "-e", "PG_PASSWORD=${input:pg_password}",
           "mochoa/mcp-postgres",
           "${input:pg_url}"
         ]
@@ -134,7 +191,18 @@ Optionally, you can add it to a file called `.vscode/mcp.json` in your workspace
       {
         "type": "promptString",
         "id": "pg_url",
-        "description": "PostgreSQL URL (e.g. postgresql://user:pass@localhost:5432/mydb)"
+        "description": "PostgreSQL URL (e.g. postgresql://localhost:5432/mydb)"
+      },
+      {
+        "type": "promptString",
+        "id": "pg_user",
+        "description": "PostgreSQL username"
+      },
+      {
+        "type": "promptString",
+        "id": "pg_password",
+        "description": "PostgreSQL password",
+        "password": true
       }
     ],
     "servers": {
@@ -144,7 +212,11 @@ Optionally, you can add it to a file called `.vscode/mcp.json` in your workspace
           "-y",
           "@marcelo-ochoa/server-postgres",
           "${input:pg_url}"
-        ]
+        ],
+        "env": {
+          "PG_USER": "${input:pg_user}",
+          "PG_PASSWORD": "${input:pg_password}"
+        }
       }
     }
   }
@@ -159,6 +231,10 @@ Docker:
 docker build -t mochoa/mcp-postgres -f src/postgres/Dockerfile .
 ```
 
+## Sources
+
+As usual the code of this extension is at [GitHub](https://github.com/marcelo-ochoa/servers), feel free to suggest changes and make contributions, note that I am a beginner developer of React and TypeScript so contributions to make this UI better are welcome.
+
 ## License
 
 This MCP server is licensed under the MIT License. This means you are free to use, modify, and distribute the software, subject to the terms and conditions of the MIT License. For more details, please see the LICENSE file in the project repository.

package/dist/db.js

@@ -2,15 +2,52 @@ import pg from "pg";
 let pool = undefined;
 let resourceBaseUrl = undefined;
 export async function initializePool(connectionString) {
+    const dbUser = process.env.PG_USER;
+    const dbPassword = process.env.PG_PASSWORD;
+    if (!dbUser || !dbPassword) {
+        console.error("Error: Environment variables PG_USER and PG_PASSWORD must be set.");
+        process.exit(1);
+    }
+    // Parse the connection string to extract host, port, and database
+    // Expected format: postgresql://host:port/dbname or host:port/dbname
+    let host;
+    let port;
+    let database;
+    try {
+        // Try parsing as URL first
+        if (connectionString.startsWith('postgresql://') || connectionString.startsWith('postgres://')) {
+            const url = new URL(connectionString);
+            host = url.hostname;
+            port = url.port ? parseInt(url.port) : 5432;
+            database = url.pathname.slice(1); // Remove leading '/'
+        }
+        else {
+            // Parse format: host:port/dbname
+            const match = connectionString.match(/^([^:]+):(\d+)\/(.+)$/);
+            if (!match) {
+                throw new Error("Invalid connection string format. Expected: host:port/dbname or postgresql://host:port/dbname");
+            }
+            host = match[1];
+            port = parseInt(match[2]);
+            database = match[3];
+        }
+    }
+    catch (err) {
+        console.error("Error parsing connection string:", err);
+        process.exit(1);
+    }
     pool = new pg.Pool({
-        connectionString,
+        user: dbUser,
+        password: dbPassword,
+        host,
+        port,
+        database,
     });
     // Test connection
     const client = await pool.connect();
     client.release();
-    const url = new URL(connectionString);
-    url.protocol = "postgres:";
-    url.password = "";
+    // Build resource base URL without credentials
+    const url = new URL(`postgresql://${host}:${port}/${database}`);
     resourceBaseUrl = url;
 }
 export function getPool() {

package/dist/server.js

@@ -6,7 +6,7 @@ import { listResourcesHandler, readResourceHandler, callToolHandler } from "./ha
 import { tools } from "./tools.js";
 const server = new Server({
     name: "postgres-server",
-    version: "0.6.2",
+    version: "0.6.3",
 }, {
     capabilities: {
         resources: {},

package/dist/tools/connect.js

@@ -1,17 +1,24 @@
 import { initializePool, closePool } from "../db.js";
 export const connectHandler = async (request) => {
-    const connectionString = request.params.arguments?.connectionString;
-    if (typeof connectionString !== "string" || !connectionString) {
+    const newConnectionString = request.params.arguments?.connectionString;
+    const newUser = request.params.arguments?.user;
+    const newPassword = request.params.arguments?.password;
+    if (typeof newConnectionString !== "string" || !newConnectionString ||
+        typeof newUser !== "string" || !newUser ||
+        typeof newPassword !== "string" || !newPassword) {
         return {
-            content: [{ type: "text", text: "Missing or invalid connectionString argument." }],
+            content: [{ type: "text", text: "Missing or invalid connectionString, user, or password argument." }],
             isError: true,
         };
     }
     try {
         await closePool();
-        await initializePool(connectionString);
+        // Override env vars for this session
+        process.env.PG_USER = newUser;
+        process.env.PG_PASSWORD = newPassword;
+        await initializePool(newConnectionString);
         return {
-            content: [{ type: "text", text: `Successfully connected to Postgres DB: ${connectionString}` }],
+            content: [{ type: "text", text: `Successfully connected to Postgres DB: ${newConnectionString} as user ${newUser}` }],
             isError: false,
         };
     }

package/dist/tools.js

@@ -1,7 +1,7 @@
 export const tools = [
     {
         name: "pg-query",
-        description: "Run a read-only SQL query",
+        description: "This tool executes SQL queries in a READ ONLY session connected to a PostgreSQL database. If no active connection exists, it uses MCP server registration argument and environment variables PG_USER and PG_PASSWORD.\n\nYou should:\n\n\tExecute the provided SQL query.\n\n\tReturn the results in Toon format.\n\nArgs:\n\n\tsql: The SQL query to execute.\n\n\nThe `model` argument should specify only the name and version of the LLM (Large Language Model) you are using, with no additional information.\nThe `mcp_client` argument should specify only the name of the MCP (Model Context Protocol) client you are using, with no additional information.\n\nReturns:\n\n\tJson-formatted query results.\nFor every SQL query you generate, please include a comment at the beginning of the SELECT statement (or other main SQL command) that identifies the LLM model name and version you are using. Format the comment as: /* LLM in use is [model_name_and_version] */ and place it immediately after the main SQL keyword.\nFor example:\n\nSELECT /* LLM in use is claude-sonnet-4 */ column1, column2 FROM table_name;\n\nPlease apply this format consistently to all SQL queries you generate, using your actual model name and version in the comment\n",
         inputSchema: {
             type: "object",
             properties: {
@@ -25,7 +25,7 @@ export const tools = [
     },
     {
         name: "pg-stats",
-        description: "Get statistics for a specific table",
+        description: "Get comprehensive statistics for a specific PostgreSQL table. This tool retrieves detailed information including row counts, table size, index information, column statistics, and other metadata that can help optimize queries and understand data distribution.\n\nArgs:\n\n\tname: The name of the table to get statistics for.\n\n\nThe `model` argument should specify only the name and version of the LLM (Large Language Model) you are using, with no additional information.\nThe `mcp_client` argument should specify only the name of the MCP (Model Context Protocol) client you are using, with no additional information.\n\nReturns:\n\n\tJson-formatted table statistics including row counts, size information, indexes, and column details.\n",
         inputSchema: {
             type: "object",
             properties: {
@@ -49,7 +49,7 @@ export const tools = [
     },
     {
         name: "pg-explain",
-        description: "Explain Plan for a given SQL query",
+        description: "Generate and display the execution plan for a given SQL query using PostgreSQL's EXPLAIN command. This tool helps you understand how PostgreSQL will execute your query, including information about table scans, joins, indexes used, and estimated costs.\n\nArgs:\n\n\tsql: The SQL query to explain.\n\n\nThe `model` argument should specify only the name and version of the LLM (Large Language Model) you are using, with no additional information.\nThe `mcp_client` argument should specify only the name of the MCP (Model Context Protocol) client you are using, with no additional information.\n\nReturns:\n\n\tDetailed execution plan showing how PostgreSQL will process the query, including costs, row estimates, and access methods.\n",
         inputSchema: {
             type: "object",
             properties: {
@@ -73,13 +73,21 @@ export const tools = [
     },
     {
         name: "pg-connect",
-        description: "Connect to a PostgreSQL database",
+        description: "Provides an interface to connect to a specified PostgreSQL database. If a database connection is already active, the tool will close the existing connection before establishing a new one.\n\nThis tool accepts three required parameters:\n\n\tconnectionString: The PostgreSQL connection string without embedded credentials (e.g., postgresql://host:port/dbname or host:port/dbname)\n\tuser: The PostgreSQL username\n\tpassword: The PostgreSQL password\n\nThe credentials are stored in environment variables PG_USER and PG_PASSWORD for the session.\n\nThe `model` argument should only be used to specify the name and version of the LLM (Large Language Model) you are using, with no additional information.\nThe `mcp_client` argument should specify only the name of the MCP (Model Context Protocol) client you are using, with no additional information.\n",
         inputSchema: {
             type: "object",
             properties: {
                 connectionString: {
                     type: "string",
-                    description: "The PostgreSQL connection string (e.g. postgresql://user:password@host:port/dbname)"
+                    description: "The PostgreSQL connection string (e.g. postgresql://host:port/dbname or host:port/dbname)"
+                },
+                user: {
+                    type: "string",
+                    description: "The PostgreSQL user (e.g. postgres)"
+                },
+                password: {
+                    type: "string",
+                    description: "The PostgreSQL password"
                 },
                 mcp_client: {
                     "type": "string",
@@ -92,7 +100,7 @@ export const tools = [
                     "default": "UNKNOWN-LLM"
                 }
             },
-            required: ["connectionString"]
+            required: ["connectionString", "user", "password"]
         },
     },
     {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@marcelo-ochoa/server-postgres",
-  "version": "0.6.2",
+  "version": "0.6.3",
   "description": "MCP server for interacting with PostgreSQL databases",
   "keywords": [
     "read-only-mcp",