From 75bc65147581e8f72486964f6268fdf92a2f3979 Mon Sep 17 00:00:00 2001 From: sabarinathan Date: Tue, 4 Feb 2025 11:45:45 +0530 Subject: [PATCH] testing mongo security --- .env | 4 ++++ src/shared/connect/mongoose.ts | 11 +++++++---- src/shared/security/mongosecurity.ts | 6 +++--- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/.env b/.env index e024ed1..60be5dc 100644 --- a/.env +++ b/.env @@ -1,4 +1,8 @@ # MONGO_URI=mongodb://127.0.0.1:27017/ +MONGO_USER=admin +MONGO_PASSWORD=admin321 +MONGO_AUTH_DB=admin + MONGO_URI=mongodb://mongo/ API_PORT=5000 SOCKET_PORT=8000 \ No newline at end of file diff --git a/src/shared/connect/mongoose.ts b/src/shared/connect/mongoose.ts index ec13e52..3c0788b 100644 --- a/src/shared/connect/mongoose.ts +++ b/src/shared/connect/mongoose.ts @@ -13,16 +13,19 @@ const MainModel = ( collectionName: string ): Model => { const db1_url = `${process.env.MONGO_URI}${db}`; - + const authOptions = { + user: process.env.MONGO_USER, // Correct username environment variable + pass: process.env.MONGO_PASSWORD, // Correct password environment variable + authSource: process.env.MONGO_AUTH_DB || 'admin', // Default to 'admin' if not provided + maxPoolSize: 50, + }; // Check if the connection already exists if (connections[db]) { return connections[db].model(modelName, schema, collectionName); } try { - const db1 = mongoose.createConnection(db1_url, { - maxPoolSize: 50, - }); + const db1 = mongoose.createConnection(db1_url,authOptions); // Cache the connection connections[db] = db1; diff --git a/src/shared/security/mongosecurity.ts b/src/shared/security/mongosecurity.ts index 905c0e0..b2d887b 100644 --- a/src/shared/security/mongosecurity.ts +++ b/src/shared/security/mongosecurity.ts @@ -3,9 +3,9 @@ export default async function mongoAdminCreation() { const uri = process.env.MONGO_URI!; // Replace with your MongoDB URI const client = new MongoClient(uri); const user = { - user: 'admin', - pwd: 'admin321', // Provide a strong password - roles: [{ role: 'root', db:'admin'}] // Assign a specific role for your database, here we use readWrite for 'mydb' + user: process.env.MONGO_USER!, + pwd: process.env.MONGO_PASSWORD!, + roles: [{ role: "root", db: process.env.MONGO_AUTH_DB || "admin" }], }; try { await client.connect();