Ryan Chenkie: [0:00] The API that we use in this course hooks up to a real Mongo database. Probably the easiest way to get going with Mongo is to use a cloud-hosted version of Mongo. There are a few different options on the market, probably one of the most popular is MongoDB Atlas. This is straight from the makers of MongoDB.

[0:20] If you already have MongoDB running locally, feel free to use just a local Mongo database. If you've got that, there's no reason that you need to go with a remote database. I find this to be a little bit easier for those who don't have Mongo installed locally.

[0:36] To sign up, you can go to mongodb.com and you can go here to try free. Let's just see the steps of signing up for an account and getting a cluster running.

[0:46] For the company name, I will just put React Security. I'll just put in a throwaway email that I've got here, first name, last name, and password. I'll just use something really strong here as you should be. Then, we just agree to the terms. That is it, we can get started.

[1:06] They give you a path selector here. You can choose from a paid version or you can just go with a free sandbox cluster. That's usually the best option. I usually just go with AWS and choose the default region, which is US-East-1. Here, we've just got some details about what we get with the cluster.

[1:25] Let's go ahead and create that cluster. Now it's being provisioned. We've got this notice up here that they are deploying zero of three servers currently. That's going to go to all three servers. How it works with these remote deployed Mongo databases is you've got a total of three servers for a cluster. You've got options for failover if something is to fail.

[1:48] Let's see if I can just get rid of all this messaging here from this bot. There we go. This does usually take a few minutes to deploy. As we can see here, it takes one to three minutes to provision.

[2:01] Once your cluster provisions, there are two things you'll need to take care of right off the bat. The first is to add a database user so that you can actually access your database. The second is to make sure your network settings are adjusted so that you can connect to it from your machine.

[2:15] Let's check out database access over here as the first step. Currently, there are no database users. Let's go and add a new database user. The default auth method here is password. We can put a username in here and then have a password as well.

[2:31] For my database user, I'll just name it something like React Security. For the password here, I'm going to auto generate a secure password. They give you the option to show it and I'm going to copy this over, so that I can put it in the appropriate spot later. You can either just highlight and copy or you can click copy here.

[2:49] The default privileges here should be fine for now. Finally, we can add the user. When you make any kinds of changes like this, they've got to deploy the changes. Usually, that can take a couple minutes.

[3:02] The next thing to check out here is network access. We don't have any whitelisted IP addresses, meaning that we can't make any connections to this cluster currently. Let's add an IP address.

[3:15] They give you the option of adding your current IP address. If you just want to allow access only from your home or office, you can do that or you can just allow access from anywhere. That might be a little bit better if you are wanting to connect from coffee shops or what have you.

[3:30] Generally though for production, you don't want to allow access from anywhere. That's not really a good practice for security for your database in production. Once we have that, let's confirm and those changes should take effect after a while.

[3:43] This whitelisted IP address is active. We can go over here to our cluster once more and figure out how to connect to it. Over here in our cluster, we can go to connect. This gives us a few options. We can go through the Mongo Shell, but in our case we need to go through our application. Click here, connect your application, and this is the connection string that you need to copy over.

[4:08] In the environment file for the API, which we'll see, you can put your connection string as a value into the Atlas URL variable. You'll need to copy this and you'll need to make sure that you include the password that we previously just copied over.

[4:24] Maybe put that password somewhere like the environment file for now. Then, come and copy this and then you can glue the password right into there. Once you have that, you should be able to connect from the API.

Advanced React Security Patterns - Pro Package

Already enrolled?
Sign in to continue learning.