I’m looking for an alternative to Firebase since I’ve come to a point where Firebase no longer support my needs. MongoDb has the following that I need:
Offline first
Text Search
Aggregate pipeline
More than one inequality queries
OR queries
So I’m doing a bit of research on the power of MongoDb Realm that will work with my Flutter/Dart application. I’m just a little bit confused, and hoping to clarify my findings. Here is a summary of my understanding so far:
Atlas has a myriad of drivers for different languages which allows “database users” to access its data. The database users are not necessarily the app-users. The driver does not have the capability to authenticate end-users via another provider for example (google, facebook sign in etc).
App-user authentication is managed via the Atlas App Services layer. This must be enabled on the Atlas UI.
Realm is an App Service that allows app users to externally authenticate and sync data.
Data API is also another App Service that exposes the data via HTTPS end points. It also allows app-user
to authenticate externally.
In short, can someone please confirm that the only way for an externally authenticated user to access data is via the following?
Realm SDK - if their data is synced on their device
Data API - for any data including ones that are synced on device
Bonus question - is there any driver (or anything) that allows externally authenticated user to access data other than the two mentioned?
I hope I’m making sense, remember I am new and just doing research at this moment. Go easy on me, thanks!
Glad you’ve stumbled across MongoDB as part of your research! Please see my comments below in regards to some of your statements:
App-user authentication is managed via the Atlas App Services layer. This must be enabled on the Atlas UI.
The Atlas App Services - Users & Authentication documentation may provide more details for you. In addition to this, there is also the Atlas App Services Command Line Interface (realm-cli) which allows you to programmatically manage your Apps as well.
In short, can someone please confirm that the only way for an externally authenticated user to access data is via the following?
Realm SDK - if their data is synced on their device
Data API - for any data including ones that are synced on device
There are several authentication providers. Regarding the Realm SDK, you can view some example methods for the authentication providers in the corresponding SDK documentation, for example:
Data API endpoints run in the context of a specific user, which allows your app to enforce rules and validate document schemas for each request.
By default, endpoints use Application Authentication, which requires each request to include credentials for one of your application users, like an API key or JWT. You can also configure other custom authentication schemes to fit your application’s needs.
However it’s worth noting that we’re not trying to provide a full-featured identity management platform and for more advanced features you may still want to integrate something like Cognito, Auth0, or AAD via our JWT authentication provider.
I am not sure if this meets your criteria for “externally authenticated” users but I would also go over federated authentication as well just in case.
Bonus question - is there any driver (or anything) that allows externally authenticated user to access data other than the two mentioned?
Generally the end users of the application should access the data through your application or API. They typically would not have direct access to the database in which drivers generally do (have direct access through authentication of a Database User in the case of Atlas).
I think i get it now after some mulling over it a while.
Coming from Firebase I was expecting the MongoDB drivers to be something similar to the Firebase client SDKs. So basically Firebase made it simple by wrapping their version of “data api” with an SDK for a given programming language such as dart. As opposed to Atlas app services data api, which is pure REST api.
So if i wanted to emulate what Firebase did with their SDK i would need to write my own wrapper package for a language that abstracts away the http requests…
Seems like a lot of work… or is it? I suppose it’s just a matter of abstracting the end points.
I’ll just stick to writing RESTful http requests for now.
