db.authenticate thread issues?

[adam]

Hello,

In node.js i'm openning a connection once on server startup using the method described here:

http://mongodb.github.io/node-mongodb-native/driver-articles/mongoclient.html

On every request I am authenticating a user to a database using db.authenticate using the shared connection. 

This works until I have concurrent connections.  As soon as I have multiple concurrent connections I get a "MongoError: auth fails" exception.

After reviewing the logs of mongod I noticed these lines:

Thu Apr 17 23:10:15.498 [conn40] auth: bad nonce received or getnonce not called. could be a driver bug or a security attack. db:user0

Is this a bug?  Can you call db.authenticate like this?  Or is it once per connection?  The situation is that in my application user has their own database and I am trying to avoid creating multiple connections per user.   Does this make sense?

Another side effect of this problem is that these connections that have the "auth fails" error don't release their connection from the pool.  After several requests die like this I am unable to connect to mongodb without resetting the node.js server.

Any insight is appreciated... thank you!

-Adam

var mongodb = require('mongodb');

var express = require('express');

var mongoClient = new mongodb.MongoClient(new mongodb.Server("127.0.0.1", 27017));

var app = express();

app.post("/*", function(req, res) {

var username = req.headers['x-username'];

var password = req.headers['x-password'];

var database = username;

var db = mongoClient.db(database);

db.authenticate(username, password, function(err, authenticated) {

if(err) {

res.send({

error: {

message: err.message,

stack: err.stack

}

});  

} else if(!authenticated) {

res.send({

error: {

message: "unable to authenticate user " + username

}

});

} else {

res.send("ok");

}

});

});

var port = 3000;

mongoClient.open(function(err) {

app.listen(port, function() {

          console.log('%s: Node server started on %d ...', Date.now(), port);

});

});