incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Quint <aa...@quirkey.com>
Subject Re: Authentication Questions
Date Wed, 09 Sep 2009 14:07:32 GMT
Hey Chris,

I was thinking about that, but it brings me to another question: So in
the validate doc, how do I check the userCtx argument for 'logged' in
status? Will the even be a userCtx argument if I'm not logged in?
Thanks for your help
--AQ

Aaron Quint
http://www.quirkey.com



On Tue, Sep 8, 2009 at 11:03 PM, Chris Anderson<jchris@apache.org> wrote:
> Aaron,
>
> You could probably get it done with the built-in validation functions.
> There are some missing pieces (like non-admin roles) but even without
> those you can enforce anonymous users to be read-only.
>
> Chris
>
> On Tue, Sep 8, 2009 at 11:51 AM, Aaron Quint<aaron@quirkey.com> wrote:
>> Thanks, Jason! Thats great news. Let me know if theres a git branch to
>> follow or if you need any help testing.
>> --AQ
>>
>> Aaron Quint
>> http://www.quirkey.com
>>
>>
>>
>> On Tue, Sep 8, 2009 at 1:30 PM, Jason Davies<jason@jasondavies.com> wrote:
>>> Hi Aaron,
>>>
>>> I'm working on this as we speak, in particular being able to set particular
>>> roles on a per-db basis.  As part of this I will be adding a way to set the
>>> default (anonymous user) role e.g. if you want read-only access for
>>> non-logged-in users.
>>>
>>> I will let you know on this thread when I have something ready for testing.
>>>
>>> Cheers,
>>> --
>>> Jason Davies
>>>
>>> www.jasondavies.com
>>>
>>> On 8 Sep 2009, at 18:09, Aaron Quint wrote:
>>>
>>>> I've been working on a fun couchapp type full javascript app built on
>>>> CouchDB that I hope to unveil at jQuery Conf this weekend.
>>>> The biggest piece left is getting some kind of
>>>> authentication/authorization in place so that I can actually put it on
>>>> a server for other people to use/play with. I've been using/testing
>>>> with 0.10 locally and since the wiki doesnt have much up to date info,
>>>> I've found the best resource to be the JS tests.
>>>>
>>>> So questions:
>>>> - If I'm not logged in as a specific user /_session returns
>>>> {"ok":true,"name":null,"roles":["_admin"]}
>>>> Which means that as a guest I have admin privileges. If I set
>>>> require_valid_user = true, though I have to be logged in to view any
>>>> document. Is there any way to change the roles of the default user?
>>>> Ideally if I wasnt logged in as a specific user I could only have read
>>>> access so I could still view documents and see a page where I could
>>>> log in.
>>>> - If I'm logged in as read only I still have access to the users
>>>> database - is there anyway to prevent this?
>>>>
>>>> I totally understand that the auth stuff is early days but any help
>>>> would be appreciated. I would love to be able to run this app and
>>>> couchdb on :80.
>>>> Thanks!
>>>> --AQ
>>>>
>>>> Aaron Quint
>>>> http://www.quirkey.com
>>>
>>>
>>
>
>
>
> --
> Chris Anderson
> http://jchrisa.net
> http://couch.io
>

Mime
View raw message