I was first looking at mongolab.com but I did not feel that I wanted to use yet another external service for such small project(s). Instead I found sleepy.mongoose which seems to be the official MongoDB REST interface and it was really fast to get up and running. But to make it useful even for a small inhouse project (external website though) I was missing some things.
- Basic authentication
- Simple database/collection based authorization
To solve these problems I decided to create a proxy I had tried node.js before so I knew that the proxy part would be really easy and I expected that basic-auth should be really easy to solve as well. To solve cross-origin requests I thought that jsonp was the answer but Anders Janmyr introduced me to CORS and suggested that I should try to solve it that way instead.
Cross-Origin-Resource-Sharing is a way for a server to simply say that ‘Hey, I approve cross-origin requests from these hosts (or all) and I accept these methods etc’. Implementing this was really easy and the code below shows all that is needed works (not sure if the Access-Control-Allow-x headers have to always be set or only when OPTION is sent but I had some issues with this). Replace the * with your real hosts.
Authentication and authorization
For authentication I simply use basic-auth which is really easy to implement but I think that you can probably find a library that makes it a little nicer than my hardcoded solution. Authentication is also very simple with a json file containing username, password, database and collection. Checkout the authentication/authorization code for details about this.
The lab project can be found at https://github.com/jayway/mongo-http-proxy