I have a simple function in Realms that returns the data array from an entry via an HTTPS Endpoint:
entry = {
“account”: username,
“password”: hashed_password,
“data”: ,
}
exports = async function(accountname, password) {
// assume password already hashed
const accountsCollection = context.services
.get("OutfitLB")
.db("OutfitLB")
.collection("Accounts_mongo");
const account = await accountsCollection.findOne({ account: accountname });
if (account && account.password === password) {
return account.data;
} else {
throw new Error("Invalid username or password.");
}
};
However, this function only works properly in the Testing Console. Initially, it worked as well on my Python program using requests
as well as online API testing tools. However, it randomly stopped working. Instead of returning the account.data when the username and password are correct, it will always throw the error that the username or password is incorrect. What I noticed is that the function only worked when I set the Testing console to System user. What is odd though is that I can return accountsCollection.find().toArray();
and I will be able to view all the data through my Python program. My Python program can be found below:
import requests
GET_URL = "https://us-east-2.aws.data.mongodb-api.com/app/data-zzkgk/endpoint/getData"
# Replace with the actual username and password
accountname = "test"
password = "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"
response = requests.get(
GET_URL, params={"accountname": accountname, "password": password}
)
if response.status_code == 200:
account_data = response.json()
print(f"Account Data for {accountname}: {account_data}")
else:
print("Wrong account details")
print(f"Function call failed: {response.status_code}, {response.text}")
How do I ensure that clients are able to properly invoke this function? I put a default role of read/write/search, however it did not fix it.