couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Wenk <andyw...@apache.org>
Subject Re: Options for OAuth with CouchDB
Date Sun, 30 Aug 2015 14:08:02 GMT
Hi Jonathan,

just quick: did you already read
http://docs.couchdb.org/en/latest/api/server/authn.html

especially

http://docs.couchdb.org/en/latest/api/server/authn.html#proxy-authentication
http://docs.couchdb.org/en/latest/api/server/authn.html#oauth-authentication

?

All the best

Andy

On 27 August 2015 at 19:06, Jonathan Hall <flimzy@flimzy.com> wrote:

> I'm working on a hybrid mobile/web app and find the prospect of using
> CouchDB quite promising.  The biggest obstacle I'm facing at the moment is
> how to handle authentication.
>
> I realize that CouchDB supports its own users database, which undoubtedly
> I will need to utilize (especially since I'll need to create one database
> per user of my app, for permission segmentation).
>
> But I want my app to allow logins via Facebook and Google (at minimum).
> What is the most common way to accomplish this with a CouchDB app?
>
> I figure I must have a server process somewhere that is has administrative
> privileges to Couchdb, and handles the OAuth2 auth requests, creates new
> users, etc, and hands the CouchDB credentials (or cookie) to the app client.
>
> Is this indeed the best approach?  Are there third party libraries or
> services that handle this for me? I don't mind paying for such a service
> (my dev time is worth more than monthly subscription fees in most cases).
>
> I've been looking at various third party services such as OAuth.io, Amazon
> Cognito, and even Firebase, to help with some of this.  I'm honestly a bit
> overwhelmed with the options and trying to parse marketing materials to
> decide if any of these services are granular enough to even help me. I'd
> really like to stick with CouchDB, to avoid the vendor lock-in that would
> come with a more complete solution like Firebase.
>
> I realize the question is a bit open-ended. I hope that's not problematic
> to getting a general/overview answer.
>
> I can divulge specific app details if it becomes relevant to the answer.
>
> Thanks for your time!
>
> -- Jonathan
>
>


-- 
Andy Wenk
Hamburg - Germany
RockIt!

GPG fingerprint: C044 8322 9E12 1483 4FEC 9452 B65D 6BE3 9ED3 9588

https://people.apache.org/keys/committer/andywenk.asc

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message