5

I am using mongodb and mongoose to handle my database needs. I currently have this:

mongoose.connect(secrets.db, {server:{poolSize: 1}});
mongoose.connection.on('error', function() {
  console.error('MongoDB Connection Error. Make sure MongoDB is running.');
});

As my mongo connection. I want to change that so that each user that logs in (using passport) gets their own database. So when I do show dbs I would like to see user_ObjectID_database_name how can I modify my code to get this result? I want it because I believe it is more secure from my research. I can not however find any good guides on how to do this. I am sure they exist but I have spent 4 ish hours looking with no luck on even a semi-okay one that I could guess at.

Currents I just have a users collection.

This is my current code that runs when a user hit /signup as a POST request. 

exports.postSignup = function(req, res, next){
  req.assert('email', 'Please sign up with a valid email.').isEmail();
  req.assert('password', 'Password must be at least 6 characters long').len(6);

  var errors = req.validationErrors();

  if (errors) {
    req.flash('errors', errors);
    req.flash('form', {
      email: req.body.email
    });
    return res.redirect('/signup');
  }
  // calls next middleware to authenticate with passport
  passport.authenticate('signup', {
    successRedirect: '/dashboard', // Select redirect for post signup
    failureRedirect: '/signup',
    failureFlash : true
  })(req, res, next);
    next();
};

I call this as a middleware in my route to keep them cleaner.

EDIT **

Would sharding be a better solution for performance? I know it requires a lot of set up and planning but it might be worth it? Only question is security...

Kirbytech
  • 634
  • 1
  • 5
  • 18
  • Possible duplicate of [Mongoose and multiple database in single node.js project](https://stackoverflow.com/questions/19474712/mongoose-and-multiple-database-in-single-node-js-project) – Matt Nov 02 '17 at 02:02
  • See the suggestions about mongooses `useDb` in that answer – Matt Nov 02 '17 at 02:03
  • @Matt That is not what I am looking for, I am looking to base it on user accounts not applications. This is one application with 1000+ users. What you linked to would work if I had say 2 separate applications. – Kirbytech Nov 02 '17 at 02:16
  • 1
    What you are looking to do and what you can do don't change the fact that your stated design requires multiple mongoose databases in a single node.js project. Maybe if we go a step back from this, What problem are you trying to solve with a database per user? A performance concern? Managing an application and a mongo instance with 1000+ databases sounds like trouble. – Matt Nov 02 '17 at 02:49
  • _I believe it is more secure_. Why do you believe that ? – TGrif Nov 02 '17 at 13:38
  • @TGrif From what I have read it is because users then would not have the possibility of seeing another user's data. While for my application that is not a huge deal it is not wanted either. – Kirbytech Nov 02 '17 at 14:44
  • @Matt I was looking for more security and performance. I figured that sharding was more work than separate databases. It sounds like I might be better to shard my database instead of having a separate one for each user. – Kirbytech Nov 02 '17 at 14:45
  • 1
    @Kirbytech Your app is still the gatekeeper between users data, wether it's in multiple databases or separated by `where` clauses. Performance wise, I guess you could manually shard users to different hosts as needed with seperate db's if you wrote the lookup system. Otherwise collections will cover an index/data size issues you come into. – Matt Nov 03 '17 at 00:00

0 Answers0