CouchApps and user authentication

Ryan Duffield picture Ryan Duffield · Feb 5, 2009 · Viewed 9.3k times · Source

I posted a variation of this question to the CouchDB user list and haven't received a response yet.

I'm curious to know if anyone else has built a so-called "CouchApp"; a pure HTML/JavaScript application hosted directly within CouchDB. If so, how did you handle user authentication? I'd like to be able to create a typical login form (username, password) and then use those credentials either against a view or some other mechanism before passing the user along to the application (while storing their (encrypted) user ID in a cookie, presumably).

I'm used to simply proxying through something like couchdb-python and a normal web server, but would like to know any best practices with respect to authenticating users in these kinds of CouchApps.

Edit: A year later, and this is now built into CouchDB. This video is a great demonstration. (Thanks Daniel!)

Answer

Jeremy Wall picture Jeremy Wall · Feb 8, 2009

CouchDB has released a simple authentication api but has no in built authentication mechanisms as of yet. The simplest and easiest way to do this is to use an http proxy for authentication. However this has limitations on how much you can restrict access on a per document basis. When CouchDB gets some more support for built-in authentication modules then it should be easier.

If you want to try your hand at coding an authentication module then you can check out the source for the javascript security_validation tests in this file: http://svn.apache.org/repos/asf/couchdb/trunk/share/www/script/couch_tests.js

and the default_authentication_handler in this file here: http://svn.apache.org/repos/asf/couchdb/trunk/src/couchdb/couch_httpd.erl

that would get you started anyway.