Hi, as explained here: https://www.arangodb.com/docs/stable/http/database.html databases are parts of the URL. Whether and how their linkage is in the drivers API is actually rather a design choice of that respective driver than of the REST-Interface of ArangoDB. Cheers, Willi
Am Mo., 24. Aug. 2020 um 22:02 Uhr schrieb Kerry Hormann < [email protected]>: > I'm not sure what you mean when you state that Foxx servcies "cannot be > segregated from the database file." Foxx services are very-much > database-specific, so are you saying that you use Node because you can't > create a Foxx service that has access to a different database from which it > is installed? > > I also use Node/Express as middleware, partly so I don't expose the > database directly, but also as an extra "sanitation" and queuing layer for > the outside world. My application clearly defines roles between Node and > Foxx, and although I found the two layers daunting at first, I find Foxx > services to be extremely helpful, invaluable even. > > From what I understand, JWT methods for session management > <https://www.arangodb.com/docs/3.6/foxx-reference-sessions-storages-jwt.html> > are tied to a database, specifically to a "sessions" collection within a > database. According to the docs > <https://www.arangodb.com/docs/3.6/programs-starter-security.html#creating-authentication-tokens>, > JWT can also be used for intra-server communication within a cluster, but I > would not use this for client or middle-ware authentication (though maybe > someone at ArangoDB wants to prove me wrong?). My guess is that you're > using this cluster-oriented JWT mechanism, and the random nature of your > JWT failures is due to the server engine(s) rolling the key without Node > being part of the conversation (just a theory, though). > > I would recommend the design pattern that works for me: deploy the same > Foxx services in each database (same code/ZIP package) but call each > service via it's unique path (database name). Since Foxx cannot access > data/memory across databases, so this might be a good way to secure client > data. You will have to implement a "sessions" or middleware that manages > client authentication via Node - this could be done with a dedicated > "sessions" database in ArangoDB, or you could build it on another server > altogether (Redis, maybe?). > > -- Kerry > > On Monday, August 24, 2020 at 8:10:16 AM UTC-7 [email protected] wrote: > >> I would like to use a separate database file per client for an SaaS. I am >> using node-express as middleware. I am not using Foxx as Foxx cannot be >> segregated from the database file itself. >> >> Currently I am changing the database to use based on the user JWT token >> via a middleware function and the Javascript driver function 'useDatabase'. >> So multiple users share the same middleware and are routed to their >> respective database files. >> >> This seems to work at first but fails seemingly randomly. I instead would >> prefer to pass the actual db name with each and every Http call, but naming >> the db in the Javascript driver doesn't seem to be supported/recommended. >> >> What are my (other) options? I would prefer not to have a multi tenant >> database for security and administration reasons. >> >> Thank you. >> > -- > You received this message because you are subscribed to the Google Groups > "ArangoDB" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/arangodb/222d4531-8e43-4426-add7-d44f5a94ba7bn%40googlegroups.com > <https://groups.google.com/d/msgid/arangodb/222d4531-8e43-4426-add7-d44f5a94ba7bn%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "ArangoDB" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/arangodb/CACOvXe0ExA7JV3B%3DVOPYzCjDf4CHWoJdzUvQarEouM2B%2B7O5%3Dg%40mail.gmail.com.
