Tag archive for: access control

How to enable authenticated MongoDB access for Flask-MongoEngine applications

After having a first look at MongoDB more than 5 years back, I told myself that I will use MongoDB to realise the next functionality of Techcoil.

With exposure to Python 3, Flask and MongoEngine in 2017, I had acquired the skills to build a microsite to recommend gift ideas. This microsite uses MongoDB to store the gift recommendation data.

With Flask and MongoEngine, development of this microsite did not take too much leisure time. With MongoDB not enforcing authentication, there were not much hindrance in setting up the development environment for this microsite.

However, this free-for-all mode of accessing MongoDB is not recommended for production environments. Without authentication, it is easier for ill-intentioned people to mess up the backend database.

To ensure that I have a go-to post for implementing authenticated access to MongoDB backed projects in the future, I document the steps needed for Flask-MongoEngine applications to access MongoDB instances with access control turned on.