On Feb 22, 2013, at 1:55 PM, Jeff Charette <[email protected]> wrote:
> So this would force me to host my own couch as opposed to using iris couch? If you can't use externals in Iris, then yes. If it helps, heres a quick rundown on how Im doing it. I use a database per role. Then a role is assigned to users based on their level of access to certain databases. The documents in the databases represent "rentable" pieces of hardware on a network. There are a number of apps which we host which utilize these databases to provide status and control of the elements. These apps provide authenticated users a view into the network based on their assigned roles. The trick was to seamlessly redirect user requests to their appropriate databases. For this there is a proxy which is entirely independent of couchdb. This proxy will sniff user auth from the request headers, whether it is basic or cookie, and ask _sessions for this users roles. The proxy then rewrites the url to the appropriate database. If the user doesn't exist, then he gets routed to the main database where his auth is going to fail. The other half of the beast are the replicators for moving docs from the main database to the users databases. Depending on your number of users, replication becomes a burden in itself. It would be real nice to offload this burden to someone like iris couch. I know, its a big song and dance, but its an approach. In your case, you might need to, at a minimum, host a proxy which routes to iris. Best Stephen Bartell > > Jeff Charette | Principal > We Are Charette > web / identity / packaging > > m 415.298.2707 > w wearecharette.com > e [email protected] > > On Feb 22, 2013, at 3:58 PM, Jan Lehnardt <[email protected]> wrote: > >> >> On Feb 22, 2013, at 21:46 , Jeff Charette <[email protected]> wrote: >> >>> Does anyone know how setup database per user in a couch app? Wouldn't this >>> just give admin access to the main db? >> >> People use background processes to create databases on demand. You can >> manage them with CouchDB’s “Externals” system. Listening on the _users db’s >> _changes feed and acting on that is common pattern. >> >> Cheers >> Jan >> -- >> >> >>> >>> I am trying to setup up a basic user signup, then give them protected docs. >>> I have it working for a whole database, but ran into trouble with >>> attachments. Many have also warned of the security issues of protecting >>> your docs with secure_rewrites. >>> >>> I'm stuck and thanks for all your time. >>> >>> Jeff Charette | Principal >>> We Are Charette >>> web / identity / packaging >>> >>> m 415.298.2707 >>> w wearecharette.com >>> e [email protected] >> >
