Multitenancy and Meteor

jamgold · January 24, 2020, 7:23pm

This is an old topic, but I just wanted to chime in that I had been tinkering with this myself and found working with sub-domains is possible. I use nginx to front-end a single meteor project with a wildcard letsencrypt SSL certificate. My example app uses https://*.domain.devel.buzzledom.com and the underlying logic determines which domain I am trying to access and serves data accordingly.

I also use accounts:password, which means accounts are the same across sub-domains. By passing the localStorage.getItem('Meteor.loginToken') across sub-domains, I can authenticate via Accounts.loginWithToken(loginToken).

Also worth mentioning is that I figured out how to serve the proper favicon.ico per sub-domain from the filesystem, by virtue of the most powerful WebApp.connectHandlers. The static HTML simply points the the URL for favicon that is being handled by the server

  <link rel="icon" sizes="16x16 32x32" href="/favicon/ico?v=2">

and on the server I have this code that looks up the countries flag in /private/flags/ and servers the proper flag favico if it exists

WebApp.connectHandlers.use('/favicon/ico', (req, res, next) => {
  res.writeHead(200, {
    'Content-Type': 'image/x-icon',
  });
  const domain = req.headers.host.split('.').reverse().pop();
  var country = countryList.getName(domain);
  if(country != undefined) {
    country = country.replace(/ /g,'-');
    if (country in COUNTRY_NAME_MAP) country = COUNTRY_NAME_MAP[country];
    try {
      const ico = Assets.getBinary(`ico/${country}.ico`);
      res.end(ico, 'utf8');
    } catch (err) {
      console.log(`error ${err.message}`);
      res.end(Assets.getBinary('flags/unknown.ico'), 'utf8');
    }
  } else {
    res.end(Assets.getBinary('flags/unknown.ico'), 'utf8');
  }
});

furret · October 1, 2024, 8:29am

I am currently considering implementing multi-tenancy in Meteor by separating the database for each tenant. I’ve read some useful discussions so far, but is it still challenging to separate the database for each tenant?

paulishca · October 1, 2024, 10:31am

What is your tenant? How would you define it?

Let’s say, you own a SaaS which is being licensed to clients to server their clients. You need each of your clients to have their own tenant with tenant level authentication (confidentiality with you outside the circle) for them to server their own clients?
Is this the case? Or do you have complex security/confidentiality requirements such as SOX or military or medical?

allenfuller · October 1, 2024, 1:33pm

I agree with paulishca. Separate databases for separate users is a DevOps nightmare. If it’s a very small app with very high-end, custom, specialized users… then they should have separate apps.

True multi tenancy from the SaaS perspective, where multiple users / organizations are using the same app for their own purposes, is best served with an ID on all data keyed to the organization and also baked into authentication.