From c7f58dc8f2ab06099e4829e355b0c32c289aa995 Mon Sep 17 00:00:00 2001
From: Andrew <cybershell@cybershell.xyz>
Date: Thu, 2 Mar 2023 22:17:49 -0600
Subject: [PATCH] add explict authentication when running in production

---
 .env.default         |  4 ++++
 lib/site-platform.js | 14 ++++++++++++--
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/.env.default b/.env.default
index 4286e79..c40424f 100644
--- a/.env.default
+++ b/.env.default
@@ -62,6 +62,10 @@ MAILGUN_DOMAIN=
 
 MONGODB_HOST=localhost:27017
 MONGODB_DATABASE=dtp-webapp
+# For when NODE_ENV=production
+MONGODB_USERNAME=mongo-user
+MONGODB_PASSWORD=change-me!
+MONGODB_OPTIONS=
 
 #
 # Redis configuration
diff --git a/lib/site-platform.js b/lib/site-platform.js
index 7847d65..8bb8994 100644
--- a/lib/site-platform.js
+++ b/lib/site-platform.js
@@ -34,12 +34,22 @@ module.connectDatabase = async (/*dtp*/) => {
       host: process.env.MONGODB_HOST,
       database: process.env.MONGODB_DATABASE,
     });
-    const mongoConnectUri = `mongodb://${process.env.MONGODB_HOST}/${process.env.MONGODB_DATABASE}`;
+    const mongoConnectionInfo = {
+      host: process.env.MONGODB_HOST,
+      db: process.env.MONGODB_DATABASE,
+      username: encodeURIComponent(process.env.MONGODB_USERNAME),
+      password: encodeURIComponent(process.env.MONGODB_PASSWORD),
+      options: process.env.MONGODB_OPTIONS || '',
+    };
+    let mongoConnectUri = `mongodb://${process.env.MONGODB_HOST}/${process.env.MONGODB_DATABASE}`;
+    if (process.env.NODE_ENV === 'production'){
+      mongoConnectUri = `mongodb://${mongoConnectionInfo.username}:${mongoConnectionInfo.password}@${mongoConnectionInfo.host}/${mongoConnectionInfo.options}`;
+    }
     module.db = await mongoose.connect(mongoConnectUri, {
       socketTimeoutMS: 0,
       keepAlive: true,
       keepAliveInitialDelay: 300000,
-      dbName: process.env.MONGODB_DATABASE,
+      dbName: mongoConnectionInfo.db,
     });
     module.log.info('connected to MongoDB');
   } catch (error) {