Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

CouchApp user registration

I'm building a standalone couchdb application. These are called couchapps. The idea is that the database itself is served on port 80 and returns HTML and works as the actual website. This is a very powerful idea and I'm entirely amazed by this new concept of having your code live inside your database.

But I'm having some issues with user registration. The one built into couchdb allows for cookies to be set and makes it really easy to plug it into your website. But there's several quite important things missing that my app requires in order to say that it has a "proper" user registration system.

  1. There's no signup verification. No email is sent, no captcha is displayed. This means that anyone could spam your _users database and create as many new users as they please.

  2. If a user forgets their password there's no facility to help them recover it.

Any idea how I could overcome these issues without doing any hardcore Erlang development at a lower level (not an Erlang guy)? It would also be great if anybody knew if I could be using OAuth to authenticate against Twitter or GitHub accounts and have that integrate seemlessly with how couchdb data is handled (inside validate_doc_update functions).

Thank you

like image 457
Luca Matteis Avatar asked Dec 01 '11 13:12

Luca Matteis


1 Answers

While the built in user database can work, I would not recommend it for the workflow you describe. Here are some other options:

Browser ID

I would really recommend using BrowserID. IrisCouch has provided a plugin to couchdb here:

https://github.com/iriscouch/browserid_couchdb

This will take care of the normal registration workflow.

If you want to take it a step further and have your users "Fairly Anonymous", you can follow the example of this couchapp called "Mingle"

https://github.com/thedod/Mingle

Twitter Integration

Max Ogden's "DataCouch" project has a log in via twitter, although it is using some Node external processors to make it work. See here:

https://github.com/maxogden/datacouch/blob/master/processors/auth/twitterauth.js

Facebook integration

https://github.com/ocastalabs/CouchDB-Facebook-Authentication

OpenID

https://github.com/mcaprari/couchdb-openid


I dont think you can use the oauth purely with Couch, as this post suggests:

http://bennolan.com/2011/01/11/couchdb-oath.html

so the closest you will get there is following what Datacouch has done.

Hope these suggestions help.

like image 72
Ryan Ramage Avatar answered Oct 24 '22 02:10

Ryan Ramage