I'm working on a hybrid mobile/web app and find the prospect of using
CouchDB quite promising. The biggest obstacle I'm facing at the moment
is how to handle authentication.
I realize that CouchDB supports its own users database, which
undoubtedly I will need to utilize (especially since I'll need to create
one database per user of my app, for permission segmentation).
But I want my app to allow logins via Facebook and Google (at minimum).
What is the most common way to accomplish this with a CouchDB app?
I figure I must have a server process somewhere that is has
administrative privileges to Couchdb, and handles the OAuth2 auth
requests, creates new users, etc, and hands the CouchDB credentials (or
cookie) to the app client.
Is this indeed the best approach? Are there third party libraries or
services that handle this for me? I don't mind paying for such a service
(my dev time is worth more than monthly subscription fees in most cases).
I've been looking at various third party services such as OAuth.io,
Amazon Cognito, and even Firebase, to help with some of this. I'm
honestly a bit overwhelmed with the options and trying to parse
marketing materials to decide if any of these services are granular
enough to even help me. I'd really like to stick with CouchDB, to avoid
the vendor lock-in that would come with a more complete solution like
Firebase.
I realize the question is a bit open-ended. I hope that's not
problematic to getting a general/overview answer.
I can divulge specific app details if it becomes relevant to the answer.
Thanks for your time!
-- Jonathan
