couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aliaksandr Barysiuk <>
Subject User management and SSO
Date Wed, 11 Jul 2012 13:17:53 GMT

I'm looking for a best practice of managing users using CouchDB. And current question regards
of sign in with LinkedIn 
API. Here is a description of what we have now:

Simple login form contains username and password inputs + 3 buttons: signup, login, login
with LinkedIn.

1. Behind of the simple sign up is saving user in _user table using format

{ "_id" : "org.couchdb.user:joe", "type" : "user", "name" : "joe", "roles" : ["erlanger"],
"password_sha" : 
"fe95df1ca59a9b567bdca5cbaf8412abd6e06121", "salt" : "4e170ffeb6f34daecfd814dfb4001a73" }

- Can i add extra information to this document? We have additional fields like emails, lastname,
- If no - how and where should i add them then?

2. Linked in sign up is more complicated:
- bind function on button click that will query username and password from LinkedIn. Data
is returned in following format:
"_total": 1,
"values": [{
"_key": "~",
"firstName": "John",
"headline": "Software Developer at Google Inc",
"id": "Kjd6_Sghf8",
"lastName": "Smith"

And now i do not know what to do next with this info. First thoughts were: search by LinkedIn
id (like 
"org.couchdb.user:Kjd6_Sghf8" but how can i search in _users table??) -> if user is in
db call
_session and set cookie, if user is not in db - save it in _users table and call _session
to set cookie. Is it correct?

General questions:
- how to link business users of application and couchdb users? the former have more information
- what is default approach of using different SSO systems?

Thank you


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message