couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Wenk <andyw...@apache.org>
Subject Re: Options for OAuth with CouchDB
Date Sun, 30 Aug 2015 16:51:35 GMT
Martin, would be awesome to see if it is running with 1.6.1 ;-)

On 30 August 2015 at 18:41, Martin Higham <martin@ocasta.co.uk> wrote:

> We implemented Facebook and Twitter OAuth quite a while ago -
> https://github.com/ocastalabs/CouchDB-XO_Auth
>
> I haven't tried it with the latest CouchDB but really should find the time
> to do so. The worst case is that is gives you a great place to start
>
> Google OAuth should be an exact copy of Facebook with only the URL's
> changed if my memory serves me correctly.
>
> Martin
>
>
> On Sun, 30 Aug 2015 at 17:19 Jonathan Hall <flimzy@flimzy.com> wrote:
>
> > Sorry, I hit "send" too soon.
> >
> > So yes, I have read that document.  And I think I have a pretty good
> > understanding of how CouchDB auth works, and how I can "roll my own"
> > integration between Facebook/Google/whatever OAuth2 provider and Couch.
> >
> > I was hoping there was some existing service (or library) which already
> > does this heavy lifting for me. It seems like the kind of problem that a
> > significant number of CouchDB users are likely to face, so I'm hoping
> > there's some sort of established work flow. Or does everyone indeed roll
> > their own in this case?
> >
> > -- Jonathan
> >
> >
> > On 08/30/2015 09:08 AM, Andy Wenk wrote:
> > > Hi Jonathan,
> > >
> > > just quick: did you already read
> > > http://docs.couchdb.org/en/latest/api/server/authn.html
> > >
> > > especially
> > >
> > >
> >
> http://docs.couchdb.org/en/latest/api/server/authn.html#proxy-authentication
> > >
> >
> http://docs.couchdb.org/en/latest/api/server/authn.html#oauth-authentication
> > >
> > > ?
> > >
> > > All the best
> > >
> > > Andy
> > >
> > > On 27 August 2015 at 19:06, Jonathan Hall <flimzy@flimzy.com> wrote:
> > >
> > >> I'm working on a hybrid mobile/web app and find the prospect of using
> > >> CouchDB quite promising.  The biggest obstacle I'm facing at the
> moment
> > is
> > >> how to handle authentication.
> > >>
> > >> I realize that CouchDB supports its own users database, which
> > undoubtedly
> > >> I will need to utilize (especially since I'll need to create one
> > database
> > >> per user of my app, for permission segmentation).
> > >>
> > >> But I want my app to allow logins via Facebook and Google (at
> minimum).
> > >> What is the most common way to accomplish this with a CouchDB app?
> > >>
> > >> I figure I must have a server process somewhere that is has
> > administrative
> > >> privileges to Couchdb, and handles the OAuth2 auth requests, creates
> new
> > >> users, etc, and hands the CouchDB credentials (or cookie) to the app
> > client.
> > >>
> > >> Is this indeed the best approach?  Are there third party libraries or
> > >> services that handle this for me? I don't mind paying for such a
> service
> > >> (my dev time is worth more than monthly subscription fees in most
> > cases).
> > >>
> > >> I've been looking at various third party services such as OAuth.io,
> > Amazon
> > >> Cognito, and even Firebase, to help with some of this.  I'm honestly a
> > bit
> > >> overwhelmed with the options and trying to parse marketing materials
> to
> > >> decide if any of these services are granular enough to even help me.
> I'd
> > >> really like to stick with CouchDB, to avoid the vendor lock-in that
> > would
> > >> come with a more complete solution like Firebase.
> > >>
> > >> I realize the question is a bit open-ended. I hope that's not
> > problematic
> > >> to getting a general/overview answer.
> > >>
> > >> I can divulge specific app details if it becomes relevant to the
> answer.
> > >>
> > >> Thanks for your time!
> > >>
> > >> -- Jonathan
> > >>
> > >>
> > >
> >
> >
>



-- 
Andy Wenk
Hamburg - Germany
RockIt!

GPG fingerprint: C044 8322 9E12 1483 4FEC 9452 B65D 6BE3 9ED3 9588

https://people.apache.org/keys/committer/andywenk.asc

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message