My most recent app, which we're using at SXSW for badge pickup, is a pure CouchApp. If you're at SXSW, try and find me and I'll show it to you. Or, look over the counter when you come pick up your badge.
-David Rose SXSW On Wed, Mar 6, 2013 at 3:37 PM, svilen <a...@svilendobrev.com> wrote: > i'm trying to use couchdb as user-facing storage, message > transport, as well as authentication. All changes=signals are handled > via secondary pub-sub-dispatcher in python (somewhat like syncpoint). > Clients replicate and talk to their own copies mostly. > Still no escape from extra webapp/python layer - to click on the link > in the confirmation email, accounts and all that webapp. Mostly > achieving same fuctionality being triggered both via http as well > as document-changes. i'm staying away from js although i do generate the > js, java, objC, .. for models or view map/reduce funcs. Haven't put > any thought on further scaling or wrapping. or validation of > FiniteStateMachines that the app has turned into. or.. Maintenance. > > Though i'm quite stretched... as authentication is not > well exampled, does not easy fit the > multiple-changeable-keysets-per-user reality, and only plain > usr/psw is 100% supported in mobile touchdb replications. > > but ce-la-vie. will invent something.. > > svil > www.svilendobrev.com/rabota/ > > On Wed, 6 Mar 2013 15:20:29 -0500 > Simon de boer <sdeb...@ingamer.com> wrote: > > > It would be great to take out the application layer, but the need for > > more Authorization controls in a relatively straight forward manner > > would be key to having this work. > > > > There are many use cases where data for one user should be completely > > impossible to access by another user. And the more complex case of > > some data being conditionally private, ex. my friends can see my email > > address, but it is private for all other users. > > > > Not only do these sort of inter-connections require more authorization > > capability, but might require extreme engineering in order to wedge > > them into the CouchDB paradigm. > > > > The other option is that some requests go direct to CouchDB, as in the > > public items, but other items go through the application. Which is > > entirely viable, but you would be have be working at such a scale to > > make the overhead of maintaining this setup worthwhile. > > > > FWIW: I use a heavy Javascript client, Rails (Apache + Passenger), > > MemCache, with data migrating on a feature by feature basis from MySQL > > and to CouchDB. The eventual plan is to move to a much thinner > > Application Server with data backed by Redis and CouchDB. > > > > On Wed, Mar 6, 2013 at 3:05 PM, Sean Copenhaver > > <sean.copenha...@gmail.com> wrote: > > > I've made a site that was only a couchapp and enjoyed the > > > experience quite a bit. I've also used it for internal tooling to > > > store data and to host mini couchapps for search or utility pages. > > > > > > In all cases though security of data (at least I didn't care who > > > could read the data) was not a requirement and I've greatly > > > enjoyed my experiences. I would love to play around with gardener > > > along with an OS daemon to try a tightly coupled nodejs + couchdb > > > setup. Would also love to see CouchDB hosts to offer such things as > > > well. > > > > > > > > > > > > On Wed, Mar 6, 2013 at 2:51 PM, Dan Santner <dansant...@me.com> > > > wrote: > > > > > >> I think it's brilliant as just a database and no more. So that's > > >> how I use it. I have a similar setup to your #2. Perhaps that > > >> just because I feel most comfortable with that type of setup. > > >> This way I don't burden couch with anything security related. It > > >> just eats and serves docs. My app tier handles the access control > > >> and other tasks like email or any other services over the net that > > >> I need to use. > > >> > > >> > > >> On Mar 6, 2013, at 1:27 PM, Wendall Cada <wenda...@83864.com> > > >> wrote: > > >> > > >> > We use couchdb in two configurations. > > >> > > > >> > 1. As a couchapp serving content for basic consumption. (For a > > >> > url > > >> shortener service) > > >> > 2. As a database on localhost behind pylons or pyramid. > > >> > > > >> > To address the security question. We've been using couchdb for > > >> > long > > >> enough that it didn't have any security when we started using it in > > >> production (0.8). Up until recently _users was a somewhat insecure > > >> feature. It's only been with the release of 1.2.0 that _users is > > >> handled securely. > > >> > > > >> > For our needs, couchdb still does not have robust enough acls > > >> > for any of > > >> our applications, so for now, it needs to run behind our app > > >> servers. I see changes for this on the roadmap, but until this > > >> actually happens, couchdb will happily sit on localhost serving > > >> docs. > > >> > > > >> > I'm not sure why it isn't understood that based on it's history, > > >> > CouchDB > > >> has mostly been used as a database. I know people want it to be an > > >> app server, but, in my opinion, that's the weakest part of the > > >> entire system. > > >> > > > >> > Wendall > > >> > > > >> > On 03/06/2013 09:51 AM, Robert Newson wrote: > > >> >> "How does everyone solve the security issue?" > > >> >> > > >> >> What security problem? Only administrators can modify design > > >> >> documents. > > >> >> > > >> >> B. > > >> >> > > >> >> On 6 March 2013 11:38, Aurélien Bénel <aurelien.be...@utt.fr> > > >> >> wrote: > > >> >>> Hi, > > >> >>> > > >> >>>> just out of curiosity, would like to hear how CouchDB is > > >> >>>> being used > > >> in your web environment.... > > >> >>> We have two main setups: > > >> >>> - CouchApps, > > >> >>> - REST APIs used by heavy clients (Java or Firefox extensions) > > >> >>> and > > >> attached Web applications. > > >> >>> > > >> >>>> How does everyone solve the security issue? > > >> >>> We always use CouchDB behind a reverse proxy to add LDAP > > >> authentication and authorization when needed. > > >> >>> > > >> >>> > > >> >>> Regards, > > >> >>> > > >> >>> Aurélien > > >> > > > >> > > >> > > > > > > > > > -- > > > “The limits of language are the limits of one's world. “ - Ludwig > > > von Wittgenstein > > > > > > "Water is fluid, soft and yielding. But water will wear away rock, > > > which is rigid and cannot yield. As a rule, whatever is fluid, soft > > > and yielding will overcome whatever is rigid and hard. This is > > > another paradox: what is soft is strong." - Lao-Tzu > > > > > > > > -- > > Become the head coach with InGamer Sports! > > http://www.InGamer.com/ > > > > Simon de Boer > > 519-400-4774 >
