I’m currently first time developing with MongoDB and using Next.js to query data from Atlas. I found out the hard way that the MongoDB node driver does not work on client side. I’m still very new to working with databases and would like to know what causes this limitation?
You don’t want to do that for security reasons mainly.
You can’t control the JS that is executed on the client side. It can be altered. Also, where do you hide your login & password (and eventually certificates) that you need to access MongoDB?
If it’s in the client code, it means anyone can retrieve it and start playing with your database directly because you can’t restrict the access by IP address with your solution.
Doing so basically means your MongoDB would not be secured correctly.
You need a backend system to handle the authentication and the authorisations. MongoDB Realm is an option but any homemade backend system would do as long as you secure correctly your REST API or GraphQL API or whatever protocole you choose to use.
There are more reasons that I could mention but it’s a clear violation of the MVC architecture for example.