Securing your mongodb database

When setting up a Mongo database on a production environment, its considered a good practice to secure it. I have learned this in a hard way after my mongodb instance got hacked. So i’d encourage you to secure yours (in case you still haven’t) before it gets compromised.

Before you secure your existing database, you need to first secure the admin database that gets shipped with everyMongo database.

Login to your mongo shell and run the following command

The above command would create a new admin user (make sure you change the password in your case) with a root access and assign the user to the “admin” database.

Once this is done, you need to secure your own database. Run the following command…

The above command will create a new user “my_user” (don’t forget to change the password) with a “read” and “write” access and assign that user to the “mydatabase” database.

Now, you need to specify the new username and password everytime you connect to your database.

Hope that helps!

Did you install mysqlclient or MySQL-python?

Its been a few weeks that I started building a small project after learning Django. I created my project under a virtualenv and when I ran the following command to migrate the database

 

I encountered with a weird kind of error.

I was having a hard time figuring out what was causing the error, I did a lot of googling before i finally found the solution.

To resolve the error I ran the following commands

followed by

and hola, everything worked like a charm

 

Laravel Passport JWT Authentication

I was having a very hard time to figure out a way to integrate JWT authentication using Laravel Passport and was under a dilemma whether this is at all possible.

After spending a decent amount of time I finally figured out that JWT authentication can be done easily using Laravel passport.

First of all follow the steps mentioned in the Laravel Passport installation documentation.

Once this is done, next we will create a User controller and add an auth() method where we will authenticate the username and password of the user and generate a token against it, which we will return in the same request.

Step 1: Create a UserController

 

Step 2: Add an auth method in the UserController. This method will be responsible for authenticating the specified username (email) and password.

 

Step 3: Create an index method within the UserController. This method will be responsible to return the logged in user’s details.

 

Step 4: Creating the routes. Open the routes/api.php file and add the following two routes in it:

 

Step 5: Now make a POST request to http://localhost:8000/auth with the email address and password as shown in the screenshot. This will get you the accessToken, you can use this token to make other requests in your application with the Authorization header and Bearer XXX where xxx is the accessToken you received from /api/auth endpoint.

Step 6: Now, make a GET request to /api/user with the Authorization header and the token value, this will return the authenticated user’s details.

 

I hope this will be useful for you all.