couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Higham <mar...@ocasta.co.uk>
Subject Re: Options for OAuth with CouchDB
Date Sun, 30 Aug 2015 16:41:36 GMT
We implemented Facebook and Twitter OAuth quite a while ago -
https://github.com/ocastalabs/CouchDB-XO_Auth

I haven't tried it with the latest CouchDB but really should find the time
to do so. The worst case is that is gives you a great place to start

Google OAuth should be an exact copy of Facebook with only the URL's
changed if my memory serves me correctly.

Martin


On Sun, 30 Aug 2015 at 17:19 Jonathan Hall <flimzy@flimzy.com> wrote:

> Sorry, I hit "send" too soon.
>
> So yes, I have read that document.  And I think I have a pretty good
> understanding of how CouchDB auth works, and how I can "roll my own"
> integration between Facebook/Google/whatever OAuth2 provider and Couch.
>
> I was hoping there was some existing service (or library) which already
> does this heavy lifting for me. It seems like the kind of problem that a
> significant number of CouchDB users are likely to face, so I'm hoping
> there's some sort of established work flow. Or does everyone indeed roll
> their own in this case?
>
> -- Jonathan
>
>
> On 08/30/2015 09:08 AM, Andy Wenk wrote:
> > Hi Jonathan,
> >
> > just quick: did you already read
> > http://docs.couchdb.org/en/latest/api/server/authn.html
> >
> > especially
> >
> >
> http://docs.couchdb.org/en/latest/api/server/authn.html#proxy-authentication
> >
> http://docs.couchdb.org/en/latest/api/server/authn.html#oauth-authentication
> >
> > ?
> >
> > All the best
> >
> > Andy
> >
> > On 27 August 2015 at 19:06, Jonathan Hall <flimzy@flimzy.com> wrote:
> >
> >> I'm working on a hybrid mobile/web app and find the prospect of using
> >> CouchDB quite promising.  The biggest obstacle I'm facing at the moment
> is
> >> how to handle authentication.
> >>
> >> I realize that CouchDB supports its own users database, which
> undoubtedly
> >> I will need to utilize (especially since I'll need to create one
> database
> >> per user of my app, for permission segmentation).
> >>
> >> But I want my app to allow logins via Facebook and Google (at minimum).
> >> What is the most common way to accomplish this with a CouchDB app?
> >>
> >> I figure I must have a server process somewhere that is has
> administrative
> >> privileges to Couchdb, and handles the OAuth2 auth requests, creates new
> >> users, etc, and hands the CouchDB credentials (or cookie) to the app
> client.
> >>
> >> Is this indeed the best approach?  Are there third party libraries or
> >> services that handle this for me? I don't mind paying for such a service
> >> (my dev time is worth more than monthly subscription fees in most
> cases).
> >>
> >> I've been looking at various third party services such as OAuth.io,
> Amazon
> >> Cognito, and even Firebase, to help with some of this.  I'm honestly a
> bit
> >> overwhelmed with the options and trying to parse marketing materials to
> >> decide if any of these services are granular enough to even help me. I'd
> >> really like to stick with CouchDB, to avoid the vendor lock-in that
> would
> >> come with a more complete solution like Firebase.
> >>
> >> I realize the question is a bit open-ended. I hope that's not
> problematic
> >> to getting a general/overview answer.
> >>
> >> I can divulge specific app details if it becomes relevant to the answer.
> >>
> >> Thanks for your time!
> >>
> >> -- Jonathan
> >>
> >>
> >
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message