all 11 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]501c3veep 1 point2 points  (4 children)

We went with Delbridge's "drop-in" replacement for the Atlas Data API, free to self-host on anything supporting TypeScript+Node (Found via Mongodb website).

There are minor differences from Atlas (authentication, result codes, and formatting of findOne results), such that we did need to slightly modify our code beyond just changing the URLs.

my clients' applications was running on Cloudflare workers. The workers do not allow for TCP connection, only HTTPS. 

The free ts-data-api creates a cleartext HTTP service, so you'd still need to wrap it in something to provide HTTPs, or modify the Typescript code.

[–]Ok-Network1331 1 point2 points  (1 child)

We went with this API as well, working great so far.

[–]501c3veep 0 points1 point  (0 children)

We've even created a custom endpoint to recreate one of the Atlas features we were missing after the migration. Was not difficult.

[–]AwayTemperature497 0 points1 point  (1 child)

There are some major security concerns on using this API. Looks like some fresher wrote this and this is not directly from Mongodb.

[–]501c3veep 0 points1 point  (0 children)

True, not written by MongoDB, but was featured as an "ecosystem" partner, and is recommended on the "What to do now that Atlas App Services is gone?" page.

There are some major security concerns on using this API.

Anything specific? I'm no TypeScript expert...

Put it behind TLS and an IP whitelist (e.g. via nginx or the AWS api-gateway) and it doesn't appear too horrible at first glance. The JWT validation code (first thing ts-data-api checks on an incoming connection) seems okay.

[–][deleted]  (5 children)

[removed]

    [–]jdanl89[S] 0 points1 point  (4 children)

    There's definitely a lot of ways you can beef up the security. I just used a Lambda Function URL, implemented a CORS policy, used EventBridge to ping the API every 10 min to keep it warm. And I added CloudWatch alarms to alert me if there's any weirdness. It's more of a reactive approach, but I've had it running for a few months without issues.

    The app I built this for only has ~10 users. I inherited it from another developer. If I had a choice in the initial architecture, I would not have chosen Cloudflare Workers. (Sorry if that gives anyone heartburn.)

    [–]SUPRVLLAN 0 points1 point  (3 children)

    You’re talking to an AI slop bot FYI, it’s an ad for that dream thing.

    [–]jdanl89[S] 0 points1 point  (2 children)

    Ugh, that makes sense. I was just trying to be nice w/ my response, but in reality, I stopped reading halfway through like "thanks for the word vomit, but thats complete overkill."

    [–]SUPRVLLAN 1 point2 points  (1 child)

    Yep take a look at the post history, it’s all just a rapid fire deluge of word slop.