#[database] implementation for mongodb ssl support

[lemonxah]

Feature Request

Why i believe this feature is necessary

Using mongodb servers that is not in your local network like for example mongo atlas servers only use ssl connections. I have used the #[database] implementation for mongodb and it works really well while running it on my machine while coding, but for me to be able to go to staging or production with this i will have to use state management instead as the current #[database] implementation doesn't allow for ssl connections

[jebrosen]

In general, most Poolable implementations should expose support their database engine's respective options in some way - TLS is just one example.

• mongodb has https://docs.rs/mongodb/0.3.12/mongodb/struct.ClientOptions.html. -- the ssl feature doesn't seem to be enabled on docs.rs; the source for with_ssl and with_unauthenticated_ssl is at https://github.com/mongodb-labs/mongo-rust-driver-prototype/blob/master/src/lib.rs#L262
• postgres has https://docs.rs/postgres/0.15.2/postgres/enum.TlsMode.html

For instance, we could support the following in Cargo.toml:

[global.databases.mongo]
url = "mongodb://localhost:27017"
ssl = { ca_file="...", verify_peer = true }

[global.databases.pg]
url = "postgres://"
tls = { mode="prefer", backend="openssl" }

I think it's inevitable that these additional options will all be database-specific.

It's also worth noting that the set of supported database crates and versions may change depending on how things go with #1065.

[nicolasbauw]

I have a same problematic situation with postgres, as my database provider requires a ssl connection. My api works on my non-ssl test database, but I can't put the api in production :-(

Here is what I can see in database.rs:

// TODO: Come up with a way to handle TLS
#[cfg(feature = "postgres_pool")]

Waiting for the todo to be done ;-)

[jebrosen]

i will have to use state management instead

And for anyone needing to work around this issue, that is "the 0.3 way" to do databases as described in the old version of the guide, which is still largely applicable for this purpose: https://rocket.rs/v0.3/guide/state/#databases.

[nicolasbauw]

I've written a code for postgresql / managed state / SSL:
https://github.com/nicolasbauw/rocket-postgresql-ssl

[jebrosen]

rocket_contrib does not have a mongodb integration at this time (see also #1378), and the latest version of mongodb allows configuring SSL in the URI string with ssl=true/false or tls=true/false (on by default with mongodb+srv). Therefore this should be solved "automatically" by #1117, so I'm closing this one out.