feat: Allow configuration of temporary user when connecting to atlas cluster

Author: jeroenvervaeke

src/common/config.ts

@@ -48,6 +48,7 @@ const OPTIONS = {
         "tlsCertificateSelector",
         "tlsDisabledProtocols",
         "username",
+        "temporaryDatabaseUserLifetimeSeconds",
     ],
     boolean: [
         "apiDeprecationErrors",
@@ -161,6 +162,7 @@ export interface UserConfig extends CliOptions {
     loggers: Array<"stderr" | "disk" | "mcp">;
     idleTimeoutMs: number;
     notificationTimeoutMs: number;
+    temporaryDatabaseUserLifetimeSeconds: number;
 }
 
 export const defaultUserConfig: UserConfig = {
@@ -180,6 +182,7 @@ export const defaultUserConfig: UserConfig = {
     idleTimeoutMs: 600000, // 10 minutes
     notificationTimeoutMs: 540000, // 9 minutes
     httpHeaders: {},
+    temporaryDatabaseUserLifetimeSeconds: 14400, // 4 hours
 };
 
 export const config = setupUserConfig({

src/tools/atlas/connect/connectCluster.ts

@@ -9,7 +9,6 @@ import { ensureCurrentIpInAccessList } from "../../../common/atlas/accessListUti
 import type { AtlasClusterConnectionInfo } from "../../../common/connectionManager.js";
 import { getDefaultRoleFromConfig } from "../../../common/atlas/roles.js";
 
-const EXPIRY_MS = 1000 * 60 * 60 * 12; // 12 hours
 const addedIpAccessListMessage =
     "Note: Your current IP address has been added to the Atlas project's IP access list to enable secure connection.";
 
@@ -77,7 +76,7 @@ export class ConnectClusterTool extends AtlasToolBase {
         const username = `mcpUser${Math.floor(Math.random() * 100000)}`;
         const password = await generateSecurePassword();
 
-        const expiryDate = new Date(Date.now() + EXPIRY_MS);
+        const expiryDate = new Date(Date.now() + this.config.temporaryDatabaseUserLifetimeSeconds * 1000);
         const role = getDefaultRoleFromConfig(this.config);
 
         await this.session.apiClient.createDatabaseUser({

tests/unit/common/config.test.ts

@@ -41,6 +41,11 @@ describe("config", () => {
                 { envVar: "MDB_MCP_HTTP_HOST", property: "httpHost", value: "localhost" },
                 { envVar: "MDB_MCP_IDLE_TIMEOUT_MS", property: "idleTimeoutMs", value: 5000 },
                 { envVar: "MDB_MCP_NOTIFICATION_TIMEOUT_MS", property: "notificationTimeoutMs", value: 5000 },
+                {
+                    envVar: "MDB_MCP_TEMPORARY_DATABASE_USER_LIFETIME_SECONDS",
+                    property: "temporaryDatabaseUserLifetimeSeconds",
+                    value: 12345,
+                },
             ] as const;
 
             for (const { envVar, property, value } of testCases) {
@@ -129,6 +134,10 @@ describe("config", () => {
                     cli: ["--notificationTimeoutMs", "42"],
                     expected: { notificationTimeoutMs: "42" },
                 },
+                {
+                    cli: ["--temporaryDatabaseUserLifetimeSeconds", "12345"],
+                    expected: { temporaryDatabaseUserLifetimeSeconds: "12345" },
+                },
                 {
                     cli: ["--telemetry", "enabled"],
                     expected: { telemetry: "enabled" },