g'day this is about per-user authentication of replication. (similar to the thread "App layer on top of replication" but that's not exactly my use-case).
imagine a chat-room. each message is a document. each chat room is a database. no conflicts. Each user can participate in many chat rooms (=databases) and have them replicated to and from localy, continuosly (on as many devices he wants). the question is: how to make the authentication/security properly? so far i'm guessing i should have a separate user-account layer/module to know who is who on server. how to allow users to use only chat-rooms they're registered in? in case all couchdb-user's credential live in database, and hence are replicated, that is not usable.. how about replication itself? wrap it in some user-authenticated api-call/url-rewrite (and disable it for external world)? or something else? ciao svil
