1

Error: enter image description here

MongoDB Users: enter image description here

Screenshot of permitted users.

enter image description here

When I try to delete a document from MongoDB database deployed on Atlas, Forbidden error occurs. (Inserting works fine). Database name is- FbUsers, Collection- ClonedFbUsers

Below is the code: 

    <!DOCTYPE html>
<html>
<head>
<title>myFb</title>

 <link rel="stylesheet" type="text/css" href="style1.css">
<script src="https://s3.amazonaws.com/stitch- 
sdks/js/library/v3/stable/stitch.min.js"></script>

<script>
let db;
let itemsCollection;
let stClient;
let clientPromise = stitch.StitchClientFactory.create('facebookclone- 
tlwvi');


function onLoadConnectDB(){
    clientPromise.then(stitchClient=>{
        stClient=stitchClient;
        db = stClient.service('mongodb', 'mongodb-atlas').db('FbUsers');
        itemsCollection=db.collection("ClonedFbUsers");
    });

}

 function addUser(){
 var n= prompt("Your username: ")
const userId = stClient.authedId();
stClient.login().then(()=>
    itemsCollection.insertOne({ owner_id: stClient.authedId(), userName : n 
, profilePhoto: "NULL", photos: ["NULL"],comments: 
 [{msg:"NULL",time:"NULL",like:0}] })
    ).then(() => itemsCollection.find({}).execute())
  .then(docs =>
  docs.forEach((doc, index) =>
    console.log(`${index}: ${JSON.stringify(doc)}`)
    )
  );
alert("added");
}

 function deleteUser(){

var d= prompt("Username to delete: ");
const userId = stClient.authedId();

stClient.login().then(()=>
    itemsCollection.deleteOne({ userName: {$eq: d} })
    ).then(() => itemsCollection.find({}).execute())
.then(docs =>
  docs.forEach((doc, index) =>
    console.log(`${index}: ${JSON.stringify(doc)}`)
    )
  );
alert("User "+d+ " deleted.");


}

</script>
 </head>


 <body onload="onLoadConnectDB()">


<p>Hello My App</p>

<div id="wlcom" align="center">
<button name="adding" onclick="addUser()">Add User</button><br>
<button name="deleting" onclick="deleteUser()">Delete User</button> <br>
<button name="logging">Login</button><br>
 </div>

</body>
</html>`

Spent many hours on the MongoDB user authentication, built-in roles etc which seems like less useful. Any help is appreciated

joy_jlee
  • 103
  • 2
  • 13
  • Calling `.login()` with no arguments only works for "anonymous" authentication, and you probably actually set it up with credentials to be required. You need actually provide those credentials here if that is how you have set up your instance. So you likely want `.authenticate("")` instead – Neil Lunn Apr 13 '18 at 22:23
  • My Stitch application is open for anonymous access. – joy_jlee Apr 13 '18 at 22:33
  • You realize what a 403 message is returned for yes? Since it means "not authorized" then I would suggest that your actual configured authentication is different to what you think it is. – Neil Lunn Apr 13 '18 at 22:35
  • i am a bit confused about what authentication it is referring to. How can i check current configured authentication? i believe it is email/password pair, but when i do it, the error saying "authentication via 'local-userpass' is unsupported" . (i was typing login email and password pair to MongoDB Atlas). i read this https://docs.mongodb.com/stitch/auth/google-auth/ and seems like i should follow these steps to create Google authentication? – joy_jlee Apr 14 '18 at 08:57
  • I just added a new screenshot – joy_jlee Apr 14 '18 at 09:52

0 Answers0