All geek questions in one place

PouchDB sync permission?

How can I guarantee that the current user has authorization to access the CouchDB database through PouchDB? From my experiments, calling the new PouchDB () method with the database name CouchDB gives you access to this data.

Setting require_valid_user to true in Futon seems to work, but the Futon modal window still appears after user authentication through POST / _session. I want to have a standard login screen (username and password) that logs the user into my application and provides access to the correct CouchDB database (via PouchDB). I can do it? Any help would be greatly appreciated.

+6
source share
1 answer

There is a PouchDB plugin created by Nolan Lawson that provides the PouchDb authentication API:

var db = new PouchDB('http://mysite:5984/mydb'); db.login('batman', 'brucewayne').then(function (batman) { console.log("I'm Batman."); return db.logout(); });

Here are the methods in which it is mixed:

  • registration
  • To come in
  • Output
  • getSession
  • Getuser

To prevent basic HTTP browser authentication authentication in the old days, we need to be subtle about how we use PouchDB. To prevent rushing of an unauthorized request to CouchDB (used to check for the presence of a remote database), pass skipSetup: true in the parameters of the Pouch constructor. Secondly, to authenticate the request against _session, add the HTTP basic authorization header to the db.login () parameters of AJAX.

 var user = { name: 'admin', password: 'admin' }; var pouchOpts = { skipSetup: true }; var ajaxOpts = { ajax: { headers: { Authorization: 'Basic ' + window.btoa(user.name + ':' + user.password) } } }; var db = new PouchDB('http://localhost:5984/test', pouchOpts); db.login(user.name, user.password, ajaxOpts).then(function() { return db.allDocs(); }).then(function(docs) { console.log(docs); }).catch(function(error) { console.error(error); });
+7
source

Source: https://habr.com/ru/post/977305/

More articles:


All Articles