You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@couchdb.apache.org by Zachary Zolton <za...@gmail.com> on 2010/04/01 02:56:24 UTC

Re: Require login to see any data in a CouchApp?

That's fair, I'll make a separate login DB+app.

Is there some way I can replace that "unauthorized error" JSON
response with a redirect to my login page? Given that the auth cookie
times out, I'll need to send users back to login screen occassionally.

If not, perhaps this would be a useful feature.

—ZZ

On Wed, Mar 31, 2010 at 1:41 PM, J Chris Anderson <jc...@gmail.com> wrote:
>
> On Mar 31, 2010, at 11:34 AM, Zachary Zolton wrote:
>
>> Howdy,
>>
>> So, I'm building a CouchApp where I want only logged in users to be
>> able to see any data. My problem is that if I add a role to the reader
>> list in the DB security object, the user can't see my login page
>> (which is just an HTML attachment on my ddoc), since any requests on
>> that database result in a unauthorized error.
>>
>> Two workarounds:
>>
>> 1) have an app-layer middle layer (i.e. Sinatra, Node.JS, PHP, etc) to
>> which I say "boo"
>>
>> 2) have a second database + couchapp (without readers restriction) to
>> handle the login page, but that sounds like too much hassle
>>
>
> #2 is the only way I can think of.
>
> Users's won't know that the login screen is hosted from a public db. They just follow links.
>
>> Any better ideas?
>>
>>
>> Cheers,
>>
>> Zach
>>
>> P.S. will release to github soon!
>
>

Re: Require login to see any data in a CouchApp?

Posted by J Chris Anderson <jc...@gmail.com>.

On Mar 31, 2010, at 6:01 PM, David Goodlad wrote:

> On Thu, Apr 1, 2010 at 11:56 AM, Zachary Zolton
> <za...@gmail.com> wrote:
>> That's fair, I'll make a separate login DB+app.
>> 
>> Is there some way I can replace that "unauthorized error" JSON
>> response with a redirect to my login page? Given that the auth cookie
>> times out, I'll need to send users back to login screen occassionally.
>> 
>> If not, perhaps this would be a useful feature.
> 
> Agreed, I've run into this as well.
> 

I'd be happy to see this. Shouldn't be hard to write. It's probably worth discussing the implementation plan on the dev list to make sure it's a simple as possible. 

Chris

Re: Require login to see any data in a CouchApp?

Posted by David Goodlad <da...@goodlad.ca>.

On Thu, Apr 1, 2010 at 11:56 AM, Zachary Zolton
<za...@gmail.com> wrote:
> That's fair, I'll make a separate login DB+app.
>
> Is there some way I can replace that "unauthorized error" JSON
> response with a redirect to my login page? Given that the auth cookie
> times out, I'll need to send users back to login screen occassionally.
>
> If not, perhaps this would be a useful feature.

Agreed, I've run into this as well.

Dave