Thanks for reminding me, I will add that as a note.
1 Like
This may not be that secure maybe, because you showed the encryption code sample, and maybe hackers/exploiters could reverse engineer the code and find out how to decrypt it and just get player’s data from games.
2 Likes
I don’t think it is that easy as we aren’t showing anything to the client by putting everything in the server side, but I agree that might happen, that’s why there are other ways to secure the connection too, like I said in the first part. Anyways nothing is 100% Secure always.
Nice tutorial!
However, one issue I can see with it (that I don’t think you mentioned), is that Atlas can get very very expensive with larger games. I think a far better solution would be to run Mongo locally on the server.
I’m actually working on a database solution privately at the minute. It uses Loopback (typescript) for the HTTP framework and Mongo for the database. I might look at open sourcing it.
Nice in depth tutorial overall though! I just think it’s important to mention the drawbacks of a solution like this over datastores.
4 Likes
It will surely get expensive with larger games, I will mention some Pros and Cons of using MongoDB Atlas probably. Thanks for the suggestion 
And Good luck on your project!
2 Likes
How do I get my glitch site IP? I’m getting this error:
(node:173) UnhandledPromiseRejectionWarning: MongooseServerSelectionError: Could not connect to any servers in your MongoDB Atlas cluster. One common reason is that you're trying to access the database from an IP that isn't whitelisted. Make sure your current IP address is on your Atlas cluster's IP whitelist: https://docs.atlas.mongodb.com/security-whitelist/```
1 Like
You can send a http request to a service that returns your IP address. However, I’m not sure if Glitch has reserved / “permanent” IPs assigned to your service For production use-cases, you need to set up an appropriate deedicated IP / server, and you’ll be able to properly utilize the whitelist.
A (dangeous) approach you can take is disable whitelist (if possible), this will allow anyone from any IP to access, granted they have the correct credentials.
2 Likes
Is there a way to prevent data loss forever like for example: If there was a thing where whenever a player clicks a button it will store there cash, but what if players do it at the same time and the data store requests are too much?
2 Likes
Mongodb actually was on the list of things for me to start utilizing for a while. I do know how to set it up but if you’re looking for a front page game, it’s no surprise it might be take a nice chunk of money to run a database server such as that without risk of filling the storage. Which is why I wouldn’t really use this at production value since if you plan on having a big project with thousands of concurrent players, it could cost some in the long run. Sure it’s a lot faster than ROBLOX datastores and I would give a lot up in order to use mongodb at production value but as it is now I wouldn’t really use it. I HAVE however used a mongo db server on a UE4 project I was doing which was purely development purposes so who knows, might make for a good dev-testing service to use in the future.
2 Likes
Just set the DB to open via permissions.
1 Like
That will be for you to handle. But Mongoose is great at handling requests.
1 Like
It’s worth noting to everyone that MongoDB has it’s own web API service called “Realm” where you can simply code your own webhooks in JavaScript. You don’t need to setup a server on another platform to use it.
With that said, our team uses MongoDB and I’ve been developing in it for 3 years, I highly suggest people use it because it’s highly scalable.
3 Likes
You should check out Datastore2 by Kampfkarren. His module will make a wrapper around the datastore service and allow you to make as many calls as you need.
1 Like
Problem with datastores are people can manipulate the game if they get the key. But with Mongoose, you can secure your DB behinde an API where everything would be in the backend.
1 Like
If you ever used adonis, and you don’t change the datastore key, you would get an error that it is vulerable. This is because the only thing you need to access a datastore is a key.
1 Like
sure but the datastore can only be accessed by the server, so as long as u have no backdoors you’re fine. Also if anyone gets ahold of your mongoose api key you’re equally as screwed. It’s just trade-offs.
2 Likes
It’d be harder to access the API key because you would need direct access to the server. So unless you have an endpoint that has the URI iut won’t be hard.
2 Likes
Ok, I’m not seeing
Connection To MongoDB Atlas Successful!
after following every step above it. I checked my MANGO_USER and my MANGO_PASS, and nothing is wrong with them. Do you think you can help me?
1 Like
Saving Player Data To MongoDB Atlas in the Cloud! - but with strings attached.
You see, I always loved glitch. because of its free hosting.
However bots were sliced when Glitch banned Pinging (such as HTTP Requests)
so dont ping i guess
Another thing: MongoDB is a database that does indeed cost to be more reliable.
Its also kinda hard to use, so good luck trying.
(and if it does end up working, have a cake 
)
1 Like
While this is a cool database, you don’t need to waste time setting up all of your Glitch projects, when you can just use Google’s Firebase database service. You can pull HTTP requests/posts with your key directly from the URL
1 Like