0

What is the best way to store client connection? It needs in order to each request didn't request authorization to mongo. When I try:

auto msettings = new MongoClientSettings();
MongoClient client = connectMongoDB(msettings);
req.session.set("client", client);

I get an error in session.d:

static assert: "Type MongoClient contains references, which is not supported for session storage."

Wusiki Jeronii
  • 159
  • 1
  • 8
  • 1
    You shouldn't be doing that. You can store the client globally if you want. – D. SM Jul 01 '21 at 16:42
  • I thought today about solving the problem. I think there are two optimal ways: * store connections in the server. For example you can get need connection by some id. But there are some problems with that. What if any bad admin change password of some user in mongo shell. Then connection will exist. But with wrong credentials. * Make a user `server` and run all requests as a server user. I think it the best way. What do you think? – Wusiki Jeronii Jul 01 '21 at 17:25
  • How is either of your concerns addressed by storing client objects in sessions? – D. SM Jul 01 '21 at 17:48
  • For first - RAM. Example: user `A` creates an account. But he doesn't use his account for a long time. A connection will exist. Secondly, the problem described above. Yep, I can make additional checks to renew new connections, But I just don't think it is a good way.. So, is the solution with `server` user bad? Thus you will have only one connection. And this one also will be stored behind of user (Session store). For the REST like as a WEB interface, I use web authentication (@noAuth, @anyAuth). And this way is protected by web authentication. – Wusiki Jeronii Jul 01 '21 at 18:58
  • 1
    Most applications utilize a single MongoDB user. If your application users get their permissions from the respective database users that won't work obviously. – D. SM Jul 01 '21 at 20:42
  • And if you have a single db user then there is no need to have more than one client instance ever. – D. SM Jul 01 '21 at 20:42
  • Hmmm... One user? That seems a good idea. For now, I have an authentication method in two steps. Create user via db.runCommand(createUser) and add data from register form to collection users. Additional data (icon, email, etc) stores there. All I need is to skip the first step. Thanks. – Wusiki Jeronii Jul 01 '21 at 21:36

0 Answers0