My goal is to be able to read one database without having to authenticate the user, authentication for editing this database should be required. All other databases should only be read/writeable for valid users. And I don't want having to set it for every database I create in the future, authentication required for read/write required should be the default.
I thought I could do this by setting require_valid_user
to true
, but now CouchDB always asks for username and password, so I need a way to exclude one database. This database should be readable for public and writeable for valid users then.
I get around this problem by authenticating all users through one single database (i.e. /login). That database is public, and contains a design document with an HTML file as an attachment. The user is served this file, fills out their credentials on a form, and I use jQuery.couch.js to authenticate and store a cookie in their browser. Once they've got a valid login, I inspect the userCtx object to check their role, and redirect them to the appropriate database.
It's a hack, but until CouchDB is able to serve a login page instead of a JSON error message whenever you're not logged into a database, it's the only reliable method I've found.
Make sure to protect your public login database with a validate_doc_update key in the design document, so nobody but admins can overwrite anything in it.
Hope this helps.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With