Alexander Weickmann
12/02/2021, 2:14 PMfun connect(getNewConnection: () -> Connection, ...)
We use ktor as our http backend and now the only problem is how we can get the auth information from ktor into this lambda.
We are able to store the required info in the pipeline context of ktor. So what we specifically try right now is to get PipelineContext data into the getNewConnection lambda:
Database.connect(getNewConnection = {
val jdbcUrl = "jdbc:${DbConfig.jdbcProtocol}://${DbConfig.hostname}:${DbConfig.port}/${DbConfig.database}"
val user = "" // TODO how to get the data from ktor pipeline context into this lambda here?
val password = "" // TODO how to get the data from ktor pipeline context into this lambda here?
DriverManager.getConnection(jdbcUrl, user, password)
})
Has somebody tried such a thing already? We need to somehow make Exposed aware of the ktor pipeline context, so we can set the credentials for the database based on the rest call at hand. Any tips or suggestions at all would be very much appreciated.Kamil Kalisz
12/02/2021, 3:05 PMAlexander Weickmann
12/02/2021, 3:27 PMval db = Database.connect(dataSource)
Note: Starting Exposed 0.10 executing this code more than once per db will create leaks in your application, hence it is recommended to store it for later use.
Ideally, I would not like to configure all the passwords for all our customers into our application. The idea is that the api key for the rest interface coincides with the database password for that customer. Thus, even if the caller is due to some weird error resolved to the wrong customer, it would still not leak data since the database user password would need to match with the api call as well.
But that would require that we call Database.connect over and over again. And as per the statement above, that would lead to problems 😞Kamil Kalisz
12/02/2021, 3:37 PMAlexander Weickmann
12/02/2021, 5:04 PMsuspend fun <T> PipelineContext<Unit, ApplicationCall>.newSuspendedTransaction(
statement: suspend Transaction.() -> T
) {
val user = this.context.attributes[tenantUserContextKey]
val password = ...
val database = Database.connect(user, password)
org.jetbrains.exposed.sql.transactions.experimental.newSuspendedTransaction(db = database, statement = statement)
}