How do I ensure that the current user has authorization to access a CouchDB database via PouchDB? From my experimentation, calling the new PouchDB() method with the CouchDB database name grants you access to that data.
Setting require_valid_user to true in Futon seems to work, but the Futon modal window still pops up after authenticating the user via POST /_session. I want to have a standard login screen (username and password) that logs the user into my application and grants access to the correct CouchDB database (via PouchDB). I can I do this? Any help will be greatly appreciated.
There is a PouchDB plugin built by Nolan Lawson that provides PouchDb with an authentication API:
var db = new PouchDB('http://mysite:5984/mydb');
db.login('batman', 'brucewayne').then(function (batman) {
console.log("I'm Batman.");
return db.logout();
});
Here are the methods it mixes in:
To prevent browser HTTP basic authentication modal dialogs of ye olde times, we have to be subtle in the way we use PouchDB. To prevent a rouge unauthenticated request to CouchDB (used to check whether the remote DB exists), pass skipSetup: true in Pouch's constructor options. Secondly, to authenticate the request against _session, add the HTTP basic authorization header to db.login()'s AJAX options.
var user = {
name: 'admin',
password: 'admin'
};
var pouchOpts = {
skip_setup: true
};
var ajaxOpts = {
ajax: {
headers: {
Authorization: 'Basic ' + window.btoa(user.name + ':' + user.password)
}
}
};
var db = new PouchDB('http://localhost:5984/test', pouchOpts);
db.login(user.name, user.password, ajaxOpts).then(function() {
return db.allDocs();
}).then(function(docs) {
console.log(docs);
}).catch(function(error) {
console.error(error);
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With