incubator-couchdb-user mailing list archives

From: Cameron Jacobson
Subject: Simple CouchDB Proxy
Date: Tue, 13 May 2014 09:54:13 GMT

Sorry if this is a duplicate post.  I noticed emails are coming through
again, but didn't see my post from May 9 on the most recent digest.


I've had an idea for a while that I'd like to start exposing my CouchDB
server to the web, since my general go-to solution is to use a web
framework as my "middleware" between the web and my CouchDB servers. 
For a lot of what I find myself doing with CouchDB, even a lightweight
web framework is too much overhead, yet this has been my go-to strategy
for pretty much all of the projects I've done using CouchDB as the
primary backend datastore.

In the ideal scenario I'd be able to pick and choose what functionality
is safe to expose directly to the web, and what is not.  This would be
done by whitelisting particular endpoints you want to expose directly to
the web.

For example, suppose I have a set of real estate listings that I want to
display on a web page.  Now think about how much boilerplate server-side
code ultimately ends up being created in a typical scenario.  First
you're likely going to create your Controller, and define the endpoint. 
Then you create your data Model, then perhaps a Collection Model.  Then
finally code the controller endpoint to retrieve the data from the
database, check for errors, and return appropriately.  Then you write
your tests, which inherently becomes more complex and time-consuming for
no reason besides all the extra boilerplate that exists between the web
browser and your CouchDB server.  On the other hand, it's likely both
reasonable, and worthwhile to spend the extra time adding these
additional layers of indirection to enhance security and integrity of
things like "users" data, or to determine if someone has authorization
to update particular records, etc.

Basically what I've been looking for is a very lightweight proxy that
can act as a filter for specific API endpoints that I've decided to
expose to the web.  I've experimented with existing infrastructure that
are themselves proxy servers, or have proxy functionality already built
in, but they always feel bulky and generally just not a good fit for
what I'm trying to accomplish.

So I finally broke down to create a basic proof of concept to get a feel
for what it would take.  It was also a perfect opportunity to continue
to expand my experience with the Go programming language.

Though this is very rough and basic, I feel it's far enough along so
that folks could get the idea of what it is and what it would do, and so
before I start spending any substantial amount of time on this, I'd love
some feedback.  Both to find out what others may already be using for
this same type of functionality, and to get some idea as to some of the
things you'd want in a product like this, if you could see something
like this being used for real-world production deployments.

And finally, assuming that it's possible to deploy something like this
safely when done correctly, if anyone has some insights into the
potential security issues specific to CouchDB or gotchas that if not
handled correctly could expose security vulnerabilities, I'd love to
hear about that as well.
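
The endpoint-allowlisting proxy the message describes, sketched as an added example; it is not part of the original post and is not the author's proof of concept. The `listings` database, the `public` design document, the `active` view, the permitted query parameters and both listen addresses are assumptions chosen for illustration.

```go
package main

import (
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
	"path"
)

// Hypothetical allowlist of "METHOD path" pairs; everything else is denied.
var allowed = map[string]bool{"GET /listings/_design/public/_view/active": true}

// Query parameters clients may send; any other (such as include_docs) is refused.
var allowedParams = map[string]bool{"limit": true, "skip": true}

// permitted accepts only an exact, canonical path: no "..", "//" or odd percent-encoding.
func permitted(method, target string) bool {
	u, err := url.ParseRequestURI(target)
	if err != nil || u.RawPath != "" || path.Clean(u.Path) != u.Path {
		return false
	}
	q, err := url.ParseQuery(u.RawQuery)
	if err != nil {
		return false
	}
	for k := range q {
		if !allowedParams[k] {
			return false
		}
	}
	return allowed[method+" "+u.Path]
}

// newProxy forwards permitted requests to backend and answers 403 to the rest.
func newProxy(backend *url.URL) http.Handler {
	rp := httputil.NewSingleHostReverseProxy(backend)
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !permitted(r.Method, r.RequestURI) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		rp.ServeHTTP(w, r)
	})
}

func main() {
	backend, _ := url.Parse("http://127.0.0.1:5984") // assumed local CouchDB address
	log.Fatal(http.ListenAndServe("127.0.0.1:8080", newProxy(backend)))
}
```

The policy is deny-by-default and matches on the decoded, canonical path, so a request has to name an allowed endpoint exactly rather than merely start with an allowed prefix.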
