couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Cottlehuber <...@jsonified.com>
Subject Re: use case: replication of many databases, with/by many users
Date Thu, 13 Sep 2012 14:13:56 GMT
On 13 September 2012 08:17, svilen <az@svilendobrev.com> wrote:
> g'day
> this is about per-user authentication of replication. (similar to the
> thread "App layer on top of replication" but that's not exactly my
> use-case).
>
> imagine a chat-room. each message is a document. each chat room is a
> database. no conflicts. Each user can participate in many chat rooms
> (=databases) and have them replicated to and from localy, continuosly
> (on as many devices he wants).
>
> the question is: how to make the authentication/security properly?
>
> so far i'm guessing i should have a separate user-account layer/module
> to know who is who on server.
>
> how to allow users to use only chat-rooms they're registered in?
> in case all couchdb-user's credential live in database, and hence are
> replicated, that is not usable..
>
> how about replication itself? wrap it in some user-authenticated
> api-call/url-rewrite (and disable it for external world)? or something
> else?
>
> ciao
> svil

Assuming you have a hub node that has all user accounts and a db per
chat room, that all external users replicate from/to, you could simply
use DB roles.

When you join a chat room, you'd need to be added to the role list for
that DB (by some process external to couch that knows if you are
allowed to access it), and then you could set up replication on the
endpoint node.

Would that be sufficient?

A+
Dave

Mime
View raw message