How can I create regular, non-admin users in CouchDB?
First you put the user in _users
database. The ID of the document must be org.couchdb.user:username
, e.g.
With CouchDB 1.2.0 or later use this:
{
"_id": "org.couchdb.user:dbreader",
"name": "dbreader",
"type": "user",
"roles": [],
"password": "plaintext_password"
}
CouchDB will hash & salt the password for you on the server side and save the values in the fields password_sha
and salt
(see below).
With CouchDB < 1.2.0 the user document needs to look like this:
{
"_id": "org.couchdb.user:dbreader",
"name": "dbreader",
"type": "user",
"roles": [],
"salt": "54935938852dd34f92c672ab31e397cedaf0946d",
"password_sha": "42253ea4461a604f967813aaff90b139d7018806"
}
Note that CouchDB 1.3.0 and later will use PBKDF2 instead of aha & salt for hashing the password.
Then you can create per database authentication by creating document with id _security in specific database which is not versioned, e.g.
{
"admins": {
"names": ["dbadmin"],
"roles": ["editor"]
},
"readers": {
"names": ["dbreader"],
"roles": ["reader"]
}
}
This means that there are 2 users in _users
besides the admin dbadmin and dbreader. That should do in case you are too lazy to read the document that has already been suggested.