Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@fastify/mongodb
Advanced tools
Fastify MongoDB connection plugin; with this you can share the same MongoDB connection pool in every part of your server.
Under the hood the official MongoDB driver is used,
the options that you pass to register
will be passed to the Mongo client.
The mongodb
driver is v4.x.x.
If you do not provide the client by yourself (see below), the URL option is required.
npm i fastify-mongodb --save
Add it to your project with register
and you are done!
const fastify = require('fastify')()
fastify.register(require('fastify-mongodb'), {
// force to close the mongodb connection when app stopped
// the default value is false
forceClose: true,
url: 'mongodb://mongo/mydb'
})
fastify.get('/user/:id', function (req, reply) {
// Or this.mongo.client.db('mydb').collection('users')
const users = this.mongo.db.collection('users')
// if the id is an ObjectId format, you need to create a new ObjectId
const id = this.mongo.ObjectId(req.params.id)
users.findOne({ id }, (err, user) => {
if (err) {
reply.send(err)
return
}
reply.send(user)
})
})
fastify.listen(3000, err => {
if (err) throw err
})
You may also supply a pre-configured instance of mongodb.MongoClient
:
const mongodb = require('mongodb')
mongodb.MongoClient.connect('mongodb://mongo/db')
.then((client) => {
const fastify = require('fastify')()
fastify.register(require('fastify-mongodb'), { client: client })
.register(function (fastify, opts, next) {
const db = fastify.mongo.client.db('mydb')
// ...
// ...
// ...
next()
})
})
.catch((err) => {
throw err
})
Notes:
client
connection will not be closed when the Fastify server
shuts down.mongodb
connection timeout is reduce from 30s (default) to 7.5s in order throw error before fastify
plugin timeout.This plugin decorates the fastify
instance with a mongo
object. That object has the
following properties:
client
is the MongoClient
instanceObjectId
is the ObjectId
classdb
is the DB
instanceThe ObjectId
class can also be directly imported from the plugin as it gets re-exported from mongodb
:
const { ObjectId } = require('fastify-mongodb')
const id = new ObjectId('some-id-here')
The db
property is added only if:
database
string option is given during the plugin registration.A name
option can be used in order to connect to multiple MongoDB clusters.
const fastify = require('fastify')()
fastify
.register(require('fastify-mongodb'), { url: 'mongodb://mongo1/mydb', name: 'MONGO1' })
.register(require('fastify-mongodb'), { url: 'mongodb://mongo2/otherdb', name: 'MONGO2' })
fastify.get('/', function (req, res) {
// This collection comes from "mongodb://mongo1/mydb"
const coll1 = this.mongo.MONGO1.db.collection('my_collection')
// This collection comes from "mongodb://mongo2/otherdb"
const coll2 = this.mongo.MONGO2.db.collection('my_collection')
// ...
// ...
// do your stuff here
// ...
// ...
res.send(yourResult)
})
This project is kindly sponsored by:
Licensed under MIT.
FAQs
Fastify MongoDB connection plugin
The npm package @fastify/mongodb receives a total of 4,216 weekly downloads. As such, @fastify/mongodb popularity was classified as popular.
We found that @fastify/mongodb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.