couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Cottlehuber <...@jsonified.com>
Subject Re: Allowing access only to authenticated users
Date Sat, 08 Sep 2012 14:51:22 GMT
On 8 September 2012 10:32, Wordit <wordituk@gmail.com> wrote:
> Is there a way of allowing access only to authenticated users?
> The only default role is "_admin" according to the docs I could find.
> There's no "_user" role, meaning anyone in the _users db, is there?
>
> I'd rather not have the data completely public, only accessible to
> signed-up users. People in the "_users" database.
>
> Adding each individual user who signs up to a custom role "users"
> doesn't sound like a good way to achieve this. Or is the only way? Any
> suggestions?
>
> Thanks,
>
> Marcus

What you likely want is this, and then to control signups as needed?

[couch_httpd_auth]
require_valid_user = true

AFAICT from the code, this requires all access to CouchDB APIs to be
authenticated. However
https://issues.apache.org/jira/browse/COUCHDB-1452 might present some
issues, depending on how you are authorising users.

A+
Dave

Mime
View raw message