Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 1 year ago.
Improve this question
I'm sorry since I'm new to this.. I'm currently working on my startup which basically like food delivery system and I used Flutter for my app. I learned Flutter using Firebase as a backend. However, there are many sources that recommend use MongoDB as a backend database which I have zero knowledge about it. But I think that MongoDB just only offer for database crud operation. So I think for the database crud operation my app should use MongoDB. However, I think MongoDB is quite complicated when it involves authentication. So, which is better approach for me? should I use Firebase for authentication and MongoDB as the database or is it better to use only one platform for the backend whether its a Firebase or MongoDB? If I mix these two, does it will affect the pricing? Is there any ways that can make me clear which to choose.
MongoDB is an open source NoSQL database management program, which is quite useful for working with large sets of distributed data. It is mostly useful for big data applications and other processing jobs involving data that doesn't fit well in a rigid relational model.
It is an absolutely right approach to use Firebase Auth for just login or signup and the rest on MongoDB. There are 2 ways you can implement the Firebase Auth:
1. Using the SDK provided by Firebase
2. Using the Admin Auth API
You may select any of the above two approaches to save your UID on your custom Backend which might be MongoDB.
Contrarily, Firebase can also be used as backend. It provides the back-end server, a great database and analytics solution, and useful integrations with other Google products. Its free to use, affordable subscription options, wisely designed backend solution guarantees project scalability and data security makes it a great choice for backend.
However, for the vast majority of apps and use-cases, Firebase is an excellent choice. You can start with its free tier and don’t need to worry about maintenance or scalability. It’s great for small to medium developers as it allows them to lower initial costs while focusing on providing the best user experience.
When working on a heavy real-time app like chat, or some other highly collaborative experience, Firebase is still an option, though it might be a bit pricey.
However, the recommendation is always to consider your budget, the required feature set, and how much maintenance you’re willing to do on your own before making a decision.
You might also refer to this documentation, which will guide you with the pros and cons of choosing Firebase as backend.
Flutter: can I mix Firebase Auth with Mongodb Databases?
Check this similar post. If you still have doubts, feel free to ask.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I'm working on a project with a requirement of coming up with a huge amount of data.
For this we are looking for a data store to save and fetch a huge amount of data. The database is easy, there is one object for vouchers and a one to many relation to transactions. One voucher has ~ 10 - 100 transaction.
Sometimes it is possible that the system has to generate several thousand voucher in a short time, and it also possible that the system writes or delete several thousand transaction.
And it is very important that the applications returns quickly if a voucher is valid or not (easy search request).
I have looked several blogs to find the best database for this and on the shortlist is
MongoDB
Elastic Search
Cassandra
My favourite is Elastic Search but I found several blogs which says ES is not reliable enough to use as a primary data store.
I also read some blogs that say mongodb has problems to run in cluster.
Do you have experience with Cassandra for a job like this? Or do you prefer any other database?
I've some experience on MongoDB, but I'll go agnostic on this.
There are MANY factors that goes in game when you say that you want a fast database. You have to think about indexing, vertical or horizontal scaling, relational or nosql, writing performance vs reading performance, and if you choose any of them should think about reading preferences, balancing, networking... The topics goes from the DB to the hardware.
I'd suggest go for a database you know, and that you can scale, admin and tune well.
In my personal experience, I've had no problems running MongoDB on cluster (sharding), may be problems comes due to a bad administration or planning, and that's why I suggest going for a database you know well.
The selection of the database is the least concern in designing a huge database that needs high performance. Most Nosql and Relational databases can be made to run this type of application effectively. The hardware is critical, the actual design of your database and your indexing is critical, the types of queries you run need to be performant.
If I were to take on a project that required a very large database with high performance, the first and most critical thing to do is to hire a database expert who has worked with those types of systems for several years. This is not something an application developer should EVER do. This is not the job for a beginner or even someone like me who has worked with only medium sized databases, albeit for over 20 years. You get what you pay for. In this case, you need to pay for real expertise at the design stage because database design mistakes are difficult to fix once they have data. Hire a contractor if you don't want a permanent emplyee, but hire expertise.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 4 years ago.
Improve this question
First of all, I spent some time thinking whether this question belongs to SO, so if you think it is more appropriate for some other Stack Exchange site, please feel free to recommend or migrate.
I am writing a REST application which will be able to register new users and allow the existing users to interact with each other (you can imagine a forum or a minimalistic social network, for example).
At the moment, I have a simple app setup with database schema, spring-JPA and spring-data-rest exposing all the repositories.
However, all users are now able to access all the resources from the server. I would like a user to see only his own entities: for example by going to /api/user/messages.
I am also going to use some security in the application, probably OAuth2, so I need it to be compatible.
I have read some articles and SO questions concerning this topic and decided that multi-tenancy might be a solution to my problem. Usually though, these articles work with separate databases for each client and smaller number of clients in total so I am curious whether it is actually meant to be used for a huge number of users in the system. I expect all the users to share the database with their records and use the same schema.
Is there some tutorial for this topic concerning spring boot and shared database-schema? Or is there some better approach how to solve this problem? I would be glad for any tips!
EDIT: As pointed out in the comments, using multi-tenancy might be an overkill for this task, since I only need to separate the users on entity level. I would be glad for any hint how to do that in Spring boot and JPA since I have found no tutorials concerning this topic.
There aren't many explanations on how to achieve what you've described even though it would seem to be a common problem. Hopefully the Spring team will address this very common use case. The following is what I've seen as two possible solutions, the second of which is what I use.
Complex Solution:
Spring Security ACL
Simple Solution:
#Query Method Security Expressions
Example:
#Query("select m from Message m where m.user like ?#{hasRole('ADMIN') ? '%' : authentication.name}")
#Query methods are typically used to define more complex queries than can't easily be written in the method-name query creation that is a standard mechanism of Spring Data.
You can add Security logic within a #Query method that can return different results based on who the User is.
The above example will return all Messages if the User has a Role of ADMIN, but if not it will return only their own Messages. This has the added benefit of Query optimization. You could select all the records and then programmatically filter out those that the User doesn't have access to, but for large queries this becomes a bottleneck. This will adjust the query at runtime based on who is requesting the data. I've found it to be the best way to achieve the desired behavior without implementing a full ACL.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I'm tasked with investigating for our firm a full-stack solution where we'll be using a NoSQL database backend. It'll most likely be fed from a data warehouse and/or operational data store of some type in near-realtime (hopefully :). It will be used mainly by our mobile and web applications via REST.
A few requirements/assumptions:
It will be read-only (in the near term) and consumed by clients in REST format
It has to be scalable
Fast response time
Enterprise support - or if lacking actual support, something industry proven if open-source (basically management wants to hold
someone accountable if something in the stack fails)
Minimal client data transformations - i.e: data should be stored in as close to ready-to-use format as possible
Service API Management of some sort will most likely be needed (eg: 3scale)
Services will be used internally, but solution shouldn't prevent us from exposing them externally as a longterm goal
Micro-services are preferable (provided sufficient API management is in place)
We have in-house expertise in Java and Grails for our mobile/portal solutions
Some of the options I was tossing around were:
CouchDB: inherently returns REST - no need for translation layer - as
long as clients speak REST, we're all good
MongoDB: need a REST layer in between client and DB - haven't found a widely used one based on my investigation (the ones on Mongo's site all seem in their infancy - i.e: RestHeart)
Some questions I have:
Do I need an appserver? Or any layer in between the client and DB
for performance/caching reasons? I was thinking a reverse-proxy like
nginx would be a good idea for this?
Why not use CouchDB in this solution if it supports REST out of the box?
I'm struggling with deciding between which NoSQL DB to use, whether or not I need a REST translation layer, appserver, etc. I've read the pros and cons of each and mostly they say go Mongo - but for what I'm trying to do the lack of a mature REST layer is concerning.
I'm just looking for some ideas, tips, lessons learned that anyone out there would be willing to share.
Thanks!
The problem with exposing the database directly to the client is that most databases do not support permission control which is as fine-grained as you want it to be. You often can not allow a client to view and edit its own data while also forbidding it from viewing and editing any data of other users or even worse from the server itself. At least not when you still want a sane database schema.
You will also often find yourself in the situation that you have a document with several fields of which only some are supposed to be under the control of the user and others are not. I can, for example, edit the content of this answer, but I can not edit the time it was posted, the name it was posted under or its voting score. So far I have never seen a database system which can handle permission for individual fields (when anyone has: feel free to post in the comments).
You might think about trying to handle this on the client and just don't offer any user interface for editing said fields. But that will only work in a trusted environment. When you have untrusted users, they could create a clone of your client-sided application which does expose this functionality. There is no way for you to tell the difference between the genuine client and a clone, especially not when you don't have a smart application server (and even then it is practically impossible).
For that reason it is almost always required to have an application server between clients and database which handles authentication and permission management of the clients and only forwards those requests to the persistence layer which are permitted.
I totally agree with the answer from #Philipp. In the case of using CouchDB you will minimum want to use a proxy server in front to enable SSL.
Almost all of your requirements can be fulfilled by CouchDB. Especially the upcoming v2 will give you the "datacenter-needs".
But it's simply very complex to answer what should be the right tool for you purpose. If you get some business model requirements on top like lets say: throttling - then you will definitely need an application server middleware like http://mcavage.me/node-restify/
Maybe it's a good idea to spend some money to professionals like
http://www.neighbourhood.ie/couchdb-support/ ? (I'm not involved)
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I am trying to decide between two development firms. One wants to go with Parse while the other wants to build a backend. I would like to get feedback and reasons why building a backend or using a BaaS such as Parse, Stackmob is better in terms of scalability and performance.
For example let's use SnapChat a highly used app that handles millions of users and data requests. What would happen if a newly created app were to experience a large increase in users and data request. Would the backend be able to handle this? Would I be looking to have it fixed shortly after the increase in users?
Something like Parse.com gives you a lot of value for very little capital investment. With BaaS, all of the gory details of infrastructure management are hidden. Deployment, system capacity issues, system availability, system security, database administration and a myriad of other task simply go away when using a good BaaS. Parse.com for instance, uses Amazon Web Services and elastic load balancing to dynamically add more capacity to the system as usage increases. This is the nirvana of capacity management.
Parse.com is a special kind of BaaS. Parse.com's intended purpose is to be a light-weight back-end back-end for mobile apps. I believe Parse.com is a very good mobile backend-as-a-service (MBaaS - link to a Forrester article on the subject).
That said, there are times when Parse.com is not the right solution. Estimate the number of users for the application and the number of HTTP requests and average user would send in a day. Parse.com charges by the number of transactions. The Pro Plan has these limits:
15 million HTTP requests per month
Burst limit of 40 requests per second
Many small transactions can result in a higher cost to the app owner. For example, if there are 4,500 users, each sending 125 HTTP requests to Parse.com per day, then you are already looking at 16,850,000 requests every 30 days. Parse.com also offers a higher level of service called Parse Enterprise. Details about this plan are not published.
The services provided by a BaaS/MBaaS save much time and energy on the part of the application developer, but impose some constraints. For example, the response time of Parse.com might be too slow for your needs. Unless you upgrade to their Enterprise plan, you have no control over response times. You currently have no control over where your app is hosted (Parse apps are presently run out of Amazon's data centers in Virginia, I believe).
The BaaS providers I have looked at do not provide quality-of-service metrics. Even if they did, there is no community agreement on what metrics would be meaningful. You just get what you get and hope it is good enough for your needs.
An application is a good candidate for an MBaaS if :
It is simple or the application logic can run entirely on the client (phone, tablet...)
It is impossible to estimate the number of users or the number of users could be huge.
You don't want a big upfront capital investment.
You don't want to hire infrastructure specialists to handle capacity/security/data/recovery/network engineering.
Your application does not have strict response time requirements.
Parse's best use case is the iPhone developer who wrote a game and needs to store the user's high scores, but knows nothing about servers. That said, complex application like Hipmunk are using Parse. Have a look at Parse.com's portfolio of case studies. Can you imagine your application in that portfolio or is it very different from those apps?
Even if a BaaS is not the right solution, a PaaS or IaaS might be. Look at Rackspace and AWS. In this day and age, buying hardware and running a data center is tough to justify.
BaaS providers like apiomat or parse have to handle the requests of thousands of apps. Every app can have lots of users there. The providers are forced to make the system absolutely secure and scalable because if there are any issues about one of those points it will be the end of their business... Building scalable secure backends on your own is not as easy a you would expect. Those companys mentioned above have invested some man-years in that.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
Say I am required to build an E-Commerce website that could eventually become very very large. The site would start with at least 100,000 different products, and would include features like Amazon. Would you advise me to use a CMS? or to build this website from ground up?
Something to take into consideration is that if I use a CMS, there would still need to be lots of custom coding, since we want many features not commonly available.
Taking into consideration factors such as Speed, Security and Scalability.
Features would include: Different sets of details for different products, product comparisons, reviews, customer management, customer points system, and all the basic ecommerce features.
If you say CMS, Can you also suggest CMS's that would be great for this kind of store.
Thank you.
Well you have to consider many things. in general means, using CMS is good idea.It reduce development time as well as development cost. But you may need to make modifications on source code in order to gain what exactly you want from it. On the other hand build such application from scratch allows you to obtain exactly what you want. but its will takes time as well as much cost.
follow through bellow link
http://www.mykeblack.com/web-design/how-much-does-an-ecom-website-cost
and also if you choose an FOSS CMS find something has higher community involvement as well as support.
If you use paypal as payment method , check their web site. they suggest couple of good commercial CMS.
The ideal e-commerce solution for that volume would be Magento
The only downfall is that its very robust and has a steep learning curve. I do NOT recommend using a framework that is a blogging site first, with an e-commerce plugin or add-on such as WordPress. It will not be able to support the traffic, the product volume, or the security precautions that should be taken.
Obviously is better if you use a CMS, I recommend you OpenCart if you just want to do an E-Commerce web site, it's is so simple and Open Source.
For something bigger you can try Joomla as CMS and a great extension called VirtueMart (http://virtuemart.net)[3], it's very complete an extensible..
Any time you use pre-made code, you are at the mercy of the features included. Adding features can be significantly harder than with custom code.
That having been said, it is definitely not unheard of to START your site with pre-made code (or even a whole platform - like selling via Amazon) and only the included features so you can start making revenue while you write your own solution.