I've been able to create databases from Nodejs using the Pouchdb module (after opening CORS). Since I'm creating a db per user, I also need to create db specific credentials. If talking directly to CouchDB, I'd use their APIS for: set_permissions or generate_api_key, however as I'm leveraging Pouchdb for all my Couchdb interactions, I'm hoping that there is a way to do it from pouch.
I've read through all the Pouch docs and poked around the code, but to no avail, so i'm turning to StackO with the hopes that someone else might have more insight on this question :)
Thanks,
Paul
There is no way to control CouchDB permissions from PouchDB, unless you write your own plugin in PouchDB for this. How to do that here - http://pouchdb.com/api.html#plugins
Apart from that, the closest thing on operating user login and credentials in CouchDB from PouchDB is this plugin:
https://github.com/nolanlawson/pouchdb-authentication
Good luck
pouchdb-authentication is designed for use in the browser, but you can use nano to interface with CouchDB from Node. They've even got a section describing how to do authentication: https://www.npmjs.com/package/nano#using-cookie-authentication
Related
Trying to use pouchdb and couchdb in a new app I’m building for a client and I’m getting desperate after struggling with what I assume are some of the most basic things. All instructions I find on couchdb are using curl commands and I can’t seem to be able to translate them into my application code. I’m using nodejs and express.
Specifically I'm struggling with these two questions, but a more general instruction on how translate curl instructions into my node app would probably be most helpful if it is possible.
How do I add a _security document with a member role to a database with nano or node’s http?
How do I add a role to an existing user with nano or node’s http?
The PouchDB API is very easy to use. Most of the term used for PouchDB are similar to CouchDB.
As some of the feature of CouchDB are not implemented in the core PouchDB, some plugin exists.
For example, to use the _security : https://github.com/pouchdb/pouchdb-security
Before jumping into development, I'd like to get feedback on a change I'm thinking of making, moving from mongo to couch.
Basically I've got a webapp which is used to help organize users activities (todolist, calendar, notes, journal). It currently uses mongodb, but i'm thinking to move it to couch, mainly due to couches replication ability, and clientdb interaction (pouchdb). I have a similar homegrown setup on the browser using localstorage, backed by mongo, but am looking for a more mature solution.
Due to how couchdb differs from mongodb, I'm thinking that each user should have their own couch db, and their documents being each of my app components. Basically I have to move everything up a level with couch due to local db replication, and due to security.
I have 3 questions.
1) I assume that couch does not have document level security/authentication, correct? (Hence me moving each user assets to their own database, good idea?)
2) My plan is have users login to the website, then my backend nodejs code authenticates them, and sends them down some auth/session token. The javascript on the client then uses its local pouchdb data to set itself up, and also sends the replication request directly to the couchdb server (using the auth token it got from my server-side process). They should only have access to their database, since I can do per database auth access (correct?)
What do you think of that setup? It should work?
3) Regarding couchdb service providers, why do they vary so much on their couch version? IE, happycouch, 1.6.1, iris 1.5, cloudant, 1.0.2? And I also hear about couchdb 2.0 coming out soon... I'd like to use cloudant, but 1.0.2 is so many versions back from a 1.6 or 1.5, if I'm not doing anything exotic, does it matter?
Bonus question :p Continuing from the last question, do you know of any services that host node.js and have local instances of couchdb available? I'd like to use my backend server code as a proxy, but not at the expense of another network hop.
Thank you very much for your feedback,
Paul
Due to how couchdb differs from mongodb, I'm thinking that each user should have their own couch db
This is a CouchDB best practice. Good choice.
I assume that couch does not have document level security/authentication, correct? (Hence me moving each user assets to their own database, good idea?)
You are correct: https://github.com/nolanlawson/pouchdb-authentication
My plan is have users login to the website...
Yep. You can just pass the cookie headers straight through from Node.js to CouchDB, and it'll work fine. nano has some docs on how to do that: https://github.com/dscape/nano#using-cookie-authentication
Regarding couchdb service providers, why do they vary so much on their couch version
The Couch community is one big happy fragmented family. :)
I'd like to use cloudant, but 1.0.2 is so many versions back from a 1.6 or 1.5, if I'm not doing anything exotic, does it matter?
1.0.2 refers to when Cloudant forked CouchDB. They've added so many of their own features since then, that they're pretty much feature-equivalent by now.
The biggest difference between the various Couch implementation is in authentication. Everybody (Cloudant, CouchDB, Couchbase) does it differently.
I can't find any information on initalizing a couch db. What's the best method of initializing and creating the map and view functions for couchdb at deployment?
I have a node server which will access a couchdb. Should I just create the http calls necessary to create the proper logic on couchdb from my node server or is there a better way handling the initialization of the db?
EDIT: Also is there any good open source projects that I can take examples from?
I'm not sure your question is clear. Remember that CouchDB is schemaless, so, at startup, there probably isn't anything (ie, documents) on which to base view functions.
If you mean a helper to setup a design document with attachments and the like, in addition to the other answers, have a look at Kanso (http://kan.so). If you're comfortable with Node, you'll find it friendly.
If, on the other hand, you're looking for something to analyze existing docs in a CouchDB and guess at good views, I've haven't come across that yet.
One possibility would be to use erica.
I want to be able to enter data into an android phone phone through the browser using jquery mobile or other? Then want it to sync to a PC database later for querying. I looked at couchdb for other applications a couple of years ago and got on with futon etc fine. I wondered whether it was up to the problem I'm trying to solve now. So far found mobilefuton, android mobilefuton and pouchdb.
Is mobilefuton a web app or is data stored locally? Will not have net connection at point of data entry. I don't want to code in java so guess android mobile futon out. pouchdb looks promising.
Any thoughts?
Forgive me for saying there seems to be an apparent lack of documentation / examples for some of the above. Maybe it's just the level I'm coming at it.
Any pointers much appreciated. Thanks.
Mobile Futon is a CouchApp. It resides in the Couchbase instance on the device and is served from it to the WebView.
To answer your question. You won't need a data connection to use Mobile Futon even though it is a kind of web app.
Now to PouchDB. Here is a short cite of Dale Harvey's article Why PouchDB? CouchDB in the browser describing it in short.
PouchDB is a Portable CouchDB, it is a near complete implementation of Apache CouchDB that runs natively in the browser using IndexedDB as its storage mechanism, it has the same data model as CouchDB, the same conflict resolution and most importantly, it replicates with CouchDB.
I don't think that I am understanding how CouchDB works. My impression is that everything runs on the client side, so wouldn't that mean it is useless for storing user data because anyone can write a simple script to access that information? This doesn't make sense to me, do I have it all wrong?
Aside from map-reduce and update operations, everything in CouchDB does run on the client. In this context, client means client connecting to the database server, which will usually be an application or script running on your web server. That's the case for other database systems, too: to connect to a MySQL database from a PHP script, you need to use a MySQL client library.
One special thing about CouchDB is that instead of using its own transfer protocol (like other systems like MySQL do), it uses HTTP, which is implemented by almost every single available language out there. This makes the development of a CouchDB client extremely easy.
The other special thing about CouchDB is that its security model does allow you to let end users connect directly to the database. In such a situation, you would write a JavaScript application that runs entirely in the users' browsers and queries the database through AJAX. The server would then authenticate the user and grant access only to those databases that the user is allowed to access, in either read-only or read-write mode. While this requires a bid of server-side scaffolding (to register new users and create a brand new database for them).
But you don't have to. My company uses CouchDB as a general-purpose persistent storage that is completely invisible from the internet, and only our web server is allowed to access it.
There's a really good book on CouchDb here: http://guide.couchdb.org/