5

Background research:

User Signup in Couchapp/CouchDB through jquery.couch.js or Otherwise

http://blog.couchbase.com/what%E2%80%99s-new-couchdb-10-%E2%80%94-part-4-security%E2%80%99n-stuff-users-authentication-authorisation-and-permissions

https://issues.apache.org/jira/browse/COUCHDB-1175 - specifically "Ari Najarian" 's posts

Question:

To paraphrase the SO question I posted above:

"Essentially I want to have a signup form for registering an account in couchdb for a couchapp. This would entail creation of a new user in the couchdb _users database, and the creation of a new database, with the new user assigned the role of database admin. All that requires server admin credentials."

The answer to the previous question involved using an external separate server that was logged in to couchdb as admin to monitor couchdb and modify couchdb as desired in response to certain data events coming from a client.

My question is - is that the only way? Doesn't that defeat the whole purpose of couchdb's 2-tier web stack? Is there some way to modify a couchdb database from within a validation function which checks for "type == user" document while "internally"/separately logged in as an admin maybe?

I apologize if there is some straightforward way to do this and I just didn't find the right documentation.

Extra Problem Clarification:

  1. There is the couchdb instance sitting at an internet address.
  2. This couch database serves to a random client an html page and embedded javascript script that contains a signup/login form.
  3. The client enters signup info (name, password) and submits
  4. The JS script uses the XMLHttpRequest object to open a connection to the couchdb instance and sends...PROBLEM!

Problem #1 - If the credentials are stored in the code (to be sent as verification for new user database), then anyone could "view html source" and take over the database.

-OR-

Problem #2 - If credentials are not supplied and the request is sent anonymously, then a new user will be created in the _users database and a success reply message will be sent. But no new database was created for the user (and can't be without admin credentials) which the user can interact with for application-specific purposes (e.g. add/delete data). And - from the above couchbase blog link - if you have secured your database with roles/names against anonymous readers and validation functions to prevent anonymous writes, then an anonymous-made user account (e.g. a client who wants to register database space to use the app) can not do anything because an anonymous user cannot, for obvious security reasons, specify whatever roles they wish to have. Which means that the only way to have -functional- users is to create user accounts + associated databases as admin beforehand and then hand out these user credentials - so like a private invite system, yes?

To reiterate, is there any way, using ONLY couchdb and some combination of couchdb's authentication handlers, design document functions, client-side ajax, etc. for a connecting client to register and get a personal database (and ONLY that database obviously) they have access to and can interact with?

Community
  • 1
  • 1
jigritsn
  • 63
  • 2
  • 6
  • possible duplicate of [User Signup in Couchapp/CouchDB through jquery.couch.js or Otherwise](http://stackoverflow.com/questions/5305543/user-signup-in-couchapp-couchdb-through-jquery-couch-js-or-otherwise) – C. Ross Feb 29 '12 at 13:23
  • I have that question listed in my "background research" section of my question (and so the 2 questions are linked now). I created this post because the suggestion solutions on the other question involve adding another mini-layer to the couchdb tier and I want to know if there is a "pure" couchdb solution to the problem. I would have posted to the above link but I didn't want to hijack another person's question. – jigritsn Feb 29 '12 at 16:31
  • This question is certainly relevant. I want to have a pure AND secure, couchdb-only solution – gregm Jun 04 '12 at 18:33
  • Would this work? https://github.com/iriscouch/browserid_couchdb – gregm Jun 04 '12 at 18:53
  • @gregm - thanks for the suggestion. I've visited that link before and, from what I understand, that simply creates a user account in the _users database in a couchdb instance but not an associated database that that user is admin over. From the link: "" * Users log in through BrowserID instead of passwords * The first time a user logs in, CouchDB will create an **account** for them. "" So it seems like a wrapper for the process of an anonymous user creating a non-functional account in the database. – jigritsn Jun 05 '12 at 23:15

1 Answers1

4

This isn't a PURE couch solution, but it's couch + node, and solves your problem:

Hi I haven't been around in awhile and didn't realize this was edited / link removed (plus policy of links not being answers! sorry...). I have been using couchdb on a project very similar to what you are trying to do, and unfortunately there is no way to do what you want to accomplish without tacking on another service to handle the admin-level access and creation of user database. Syncpoint-API can be used to facilitate this, but it is actually a nodejs service handling the signup/login and dedicated database setup.

So far though, Syncpoint has proven to not be 100% reliable and it does appear to be an abandoned project, due to CouchBase sucking all the r+d resources away from CouchDB dev.

I'm now moving to nodejs + socket.io as a transport layer, using node to handshake and assign a DB, and then further watching the couch _changes api on the server (via yet another node process) to then forward _changes through socket.io to the client. Also I have some "pure" couchapps running that serve public data mixed in with the private data.

My conclusion? CouchDB is a great product and has some great features, but for the more complex login/authorization schemes and other general application needs required in real-world dev, it's just not ready yet.

kfancy
  • 56
  • 3
  • Hi new user and thanks for the answer. Please post at least a description of the solution; links alone are not answers as per the guidelines (and they may be removed). – Maarten Bodewes Sep 28 '12 at 23:12
  • 1
    @kfancy - no worries about the delayed update, I haven't checked this question in months either. Your solution to use a node-based mini-tier as mediator between couchdb's _changes feed and client requests is what another Stack Overflow question suggested as well. I'm going to go ahead and select your answer as the "solution" if only because there doesn't seem to be any indication that a true solution - as in a couchdb update - will be forthcoming. Thanks for sharing your experience in dealing with this problem. – jigritsn Feb 14 '13 at 06:03