As other guys said in the comments, you really should not do this. but if you insist (for learning purposes) you may try the following example:
// STEP 1: Initialize a new ActiveXObject for the SQL Server connection.
var connection = new ActiveXObject("ADODB.Connection") ;
// Your connection string: and this is the reason why you shouldn't do this
// in live website, "everyone has access to this connection string".
// replace the values within "<>" to your values.
var your_connection_string = "Data Source=<SQL Server (IP or host)>;Initial Catalog=<your catalog (a.k.a Database)>;User ID=<your username>;Password=<your password>;Provider=SQLOLEDB";
// STEP 2: Now open the connection using the connection string above.
// STEP 3: Initialize a new activeX object, this time for a recordset,
// so we can read data from database.
var rs = new ActiveXObject("ADODB.Recordset");
// STEP 4: Manipulate your data the way you want.
rs.Open("SELECT * FROM <your table>", connection);
// STEP 5: be nice and Finalize the recordset and the connection.
It’s really recommended that you use Server side backend to Access your database and secured files using something like the platforms you mentioned in your question (NodeJS, PhP, Asp.NET,…etc).
That example is given AS IT IS, you are free to use it anyway you want at your own Risk. I am not responsible to any damage it can bring.
have a nice day.