couchdb - PouchDB sync authorization? -
how ensure current user has authorization access couchdb database via pouchdb? experimentation, calling new pouchdb() method couchdb database name grants access data.
setting require_valid_user true in futon seems work, futon modal window still pops after authenticating user via post /_session. want have standard login screen (username , password) logs user application , grants access right couchdb database (via pouchdb). can this? help appreciated.
there pouchdb plugin built nolan lawson provides pouchdb authentication api:
var db = new pouchdb('http://mysite:5984/mydb'); db.login('batman', 'brucewayne').then(function (batman) { console.log("i'm batman."); homecoming db.logout(); }); here methods mixes in:
signup login logout getsession getuserto prevent browser http basic authentication modal dialogs of ye olde times, have subtle in way utilize pouchdb. prevent rouge unauthenticated request couchdb (used check whether remote db exists), pass skipsetup: true in pouch's constructor options. secondly, authenticate request against _session, add together http basic authorization header db.login()'s ajax options.
var user = { name: 'admin', password: 'admin' }; var pouchopts = { skipsetup: true }; var ajaxopts = { ajax: { headers: { authorization: 'basic ' + window.btoa(user.name + ':' + user.password) } } }; var db = new pouchdb('http://localhost:5984/test', pouchopts); db.login(user.name, user.password, ajaxopts).then(function() { homecoming db.alldocs(); }).then(function(docs) { console.log(docs); }).catch(function(error) { console.error(error); }); couchdb pouchdb
No comments:
Post a Comment