incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Anderson <jch...@apache.org>
Subject Re: Authentication Questions
Date Wed, 09 Sep 2009 03:03:56 GMT
Aaron,

You could probably get it done with the built-in validation functions.
There are some missing pieces (like non-admin roles) but even without
those you can enforce anonymous users to be read-only.

Chris

On Tue, Sep 8, 2009 at 11:51 AM, Aaron Quint<aaron@quirkey.com> wrote:
> Thanks, Jason! Thats great news. Let me know if theres a git branch to
> follow or if you need any help testing.
> --AQ
>
> Aaron Quint
> http://www.quirkey.com
>
>
>
> On Tue, Sep 8, 2009 at 1:30 PM, Jason Davies<jason@jasondavies.com> wrote:
>> Hi Aaron,
>>
>> I'm working on this as we speak, in particular being able to set particular
>> roles on a per-db basis.  As part of this I will be adding a way to set the
>> default (anonymous user) role e.g. if you want read-only access for
>> non-logged-in users.
>>
>> I will let you know on this thread when I have something ready for testing.
>>
>> Cheers,
>> --
>> Jason Davies
>>
>> www.jasondavies.com
>>
>> On 8 Sep 2009, at 18:09, Aaron Quint wrote:
>>
>>> I've been working on a fun couchapp type full javascript app built on
>>> CouchDB that I hope to unveil at jQuery Conf this weekend.
>>> The biggest piece left is getting some kind of
>>> authentication/authorization in place so that I can actually put it on
>>> a server for other people to use/play with. I've been using/testing
>>> with 0.10 locally and since the wiki doesnt have much up to date info,
>>> I've found the best resource to be the JS tests.
>>>
>>> So questions:
>>> - If I'm not logged in as a specific user /_session returns
>>> {"ok":true,"name":null,"roles":["_admin"]}
>>> Which means that as a guest I have admin privileges. If I set
>>> require_valid_user = true, though I have to be logged in to view any
>>> document. Is there any way to change the roles of the default user?
>>> Ideally if I wasnt logged in as a specific user I could only have read
>>> access so I could still view documents and see a page where I could
>>> log in.
>>> - If I'm logged in as read only I still have access to the users
>>> database - is there anyway to prevent this?
>>>
>>> I totally understand that the auth stuff is early days but any help
>>> would be appreciated. I would love to be able to run this app and
>>> couchdb on :80.
>>> Thanks!
>>> --AQ
>>>
>>> Aaron Quint
>>> http://www.quirkey.com
>>
>>
>



-- 
Chris Anderson
http://jchrisa.net
http://couch.io

Mime
View raw message