First of all, I am completely new to developing backend-servers. As a result, I struggled on understanding many of the concepts presented to me. I’m making an app in the medical field, and I have to store patient information in the database. In order to achieve this, I went through MongoDB and found 2 ways on adding users:
In the Database Access tab, you could add a user and roles based on what that user can do. Is this feature used for staff-only (of the database)? In a sense that it is not for users that apply to a signup form, then is added here?
About the Data-API under “Data Services” - How is this feature intended to be used? Is it fine to use it for signing-up and logging-in new users?
When neither of the 2 above are intended to be used for signing up new users, then can I get any suggestions for signing new users and logging them in?
If there was anything I wasn’t clear about, I will try my best to clarify whatever it was.
The Database Access is meant to be used to control the access to the database data itself (From the shell, compass, drivers). This is useful to configure when multiple teammates/developers need access to the data in the database at varying levels.
The Data API (in preview) is meant to be way to access your data over an HTTPS protocol rather than standard TCP that is used with Drivers/Shell. Because it’s in preview, the functionality of the Data API is still a bit limited but it is quite useful for building microservices in the cloud due to the ubiquity of HTTPS and the managed networking it comes with. It runs on a separate computation layer that is separate from the MongoDB database itself.
When neither of the 2 above are intended to be used for signing up new users, then can I get any suggestions for signing new users and logging them in?
Since you’re developing a new application, there are multiple ways to do authentication/log users in - some involving building your own functionality and others using some packages/services that work with Atlas.
Build your own authentication - build the API yourself and store the authentication metadata and user data MongoDB Database example
Use an authentication service (e.g. Auth0 +Express + MongoDB) which provides SDKs + APIs to help you sign up and login users and store them in MongoDB
Use MongoDB Atlas’s managed application tier services (MongoDB Realm). This service gives you in-built authentication/authorization, APIs, serverless functions, and SDKs that you can configure so you use auth within your app. (tutorial)