Multiple database file design pattern

[kmsz...@gmail.com]

I would like to use a separate database file per client for an SaaS. I am using node-express as middleware. I am not using Foxx as Foxx cannot be segregated from the database file itself.

Currently I am changing the database to use based on the user JWT token via a middleware function and the Javascript driver function 'useDatabase'. So multiple users share the same middleware and are routed to their respective database files. 

This seems to work at first but fails seemingly randomly. I instead would prefer to pass the actual db name with each and every Http call, but naming the db in the Javascript driver doesn't seem to be supported/recommended.

What are my (other) options? I would prefer not to have a multi tenant database for security and administration reasons. 

Thank you. 

[Kerry Hormann]

I'm not sure what you mean when you state that Foxx servcies "cannot be segregated from the database file."  Foxx services are very-much database-specific, so are you saying that you use Node because you can't create a Foxx service that has access to a different database from which it is installed? 

I also use Node/Express as middleware, partly so I don't expose the database directly, but also as an extra "sanitation" and queuing layer for the outside world.  My application clearly defines roles between Node and Foxx, and although I found the two layers daunting at first, I find Foxx services to be extremely helpful, invaluable even.

From what I understand, JWT methods for session management are tied to a database, specifically to a "sessions" collection within a database.  According to the docs, JWT can also be used for intra-server communication within a cluster, but I would not use this for client or middle-ware authentication (though maybe someone at ArangoDB wants to prove me wrong?).  My guess is that you're using this cluster-oriented JWT mechanism, and the random nature of your JWT failures is due to the server engine(s) rolling the key without Node being part of the conversation (just a theory, though).

I would recommend the design pattern that works for me:  deploy the same Foxx services in each database (same code/ZIP package) but call each service via it's unique path (database name).  Since Foxx cannot access data/memory across databases, so this might be a good way to secure client data.  You will have to implement a "sessions" or middleware that manages client authentication via Node - this could be done with a dedicated "sessions" database in ArangoDB, or you could build it on another server altogether (Redis, maybe?).

-- Kerry 

[Wilfried Gösgens]

Hi,

as explained here:

https://www.arangodb.com/docs/stable/http/database.html

databases are parts of the URL. Whether and how their linkage is in the drivers API is actually rather a design choice of that respective driver than of the REST-Interface of ArangoDB.

Cheers, Willi

--
You received this message because you are subscribed to the Google Groups "ArangoDB" group.
To unsubscribe from this group and stop receiving emails from it, send an email to arangodb+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/arangodb/222d4531-8e43-4426-add7-d44f5a94ba7bn%40googlegroups.com.

[noel del rosario]

There is a site that I stumbled on  ArangoDB JavaScript Driver

Maybe this can help....

https://github.com/arangodb/arangojs

https://www.npmjs.com/package/arangojs