Posted to user@couchdb.apache.org by wh...@aol.com on 2010/08/23 20:13:14 UTC

how do you authenticate a user to view their own database

I'm confused about the _users authentication vs the authorization for an individual database under _security.

I want a person to signup on my website so they can store their own data.  
So I create a database for them.
joesdatabase

Another user signs up and I create a database for them
bobsdatabase

Now I want joe to save info in his database only
and bob to save info in his database only.

Do I have to put joe's info in the _user doc? If so, why? Is that to authorize him to get into the system?
If so, how do I know which databases he can read or access? Is that in the _security db?
How do you add info to the _security?

I am totally confused about how these are set and how they work together.

Dan


Re: how do you authenticate a user to view their own database

Posted by Martin Higham <ma...@ocasta.co.uk>.
On 23 August 2010 19:13, <wh...@aol.com> wrote:

>
> I'm confused about the _users authentication vs the authorization for an
> individual database under _security.
>
> I want a person to signup on my website so they can store their own data.
> So I create a database for them.
> joesdatabase
>
> Another user signs up and I create a database for them
> bobsdatabase
>
> now I want joe to save info in his database only
> and bob to save info in his database only.
>
> Do I have to put joe's info in the _user doc. If so why? Is that to
> authorize him to get into the system?
>

Yes, _user is the authentication database, so Joe needs to exist as a user of
the system.


> If so how do I know which databases he can read or access is that in the
> _security db.
> How do you add info to the _security
>
>
Yes, _security controls the ACLs for the database. To set the ACL, do a
PUT of the _security document to the database. The document should look
something like:

{
    "admins": {
        "names": [ "admin", "joe"],
        "roles":[]
    },
    "readers": {
        "names": ["joe"],
        "roles": []
    }
}

This would give the users "admin" and "joe" admin rights to the database and
only user "joe" could read/write to it.

If you want to change the _security settings, simply GET the current
document, and then PUT the updated version.

Hope this helps.

Martin
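
The per-user setup described in the reply above, as an added example that is not part of the original thread: it builds the _security document for each user's database, prepares the PUT request, and checks who could read under that ACL. The server address, the function names and the "admin" account are assumptions, and can_read is a simplified local model of the readers check, not CouchDB's own code.

```python
import base64
import json
import urllib.parse
import urllib.request

COUCH = "http://127.0.0.1:5984"  # assumed address of the CouchDB server


def owner_security(owner, admins=("admin",)):
    """Build the _security document from the reply for one user's database."""
    return {
        "admins": {"names": [*admins, owner], "roles": []},
        "readers": {"names": [owner], "roles": []},
    }


def can_read(security, name, roles=()):
    """Simplified local model of the readers check (an assumption, not CouchDB code)."""
    readers = security.get("readers", {})
    admins = security.get("admins", {})
    # Pitfall: with no reader names or roles set, the database is open to everyone.
    if not readers.get("names") and not readers.get("roles"):
        return True
    if "_admin" in roles:  # server admins are never locked out
        return True
    return any(
        name in section.get("names", []) or set(roles) & set(section.get("roles", []))
        for section in (readers, admins)
    )


def put_security_request(db, security, user, password):
    """Build (without sending) the authenticated PUT /<db>/_security request."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return urllib.request.Request(
        f"{COUCH}/{urllib.parse.quote(db, safe='')}/_security",
        data=json.dumps(security).encode(),
        method="PUT",
        headers={"Content-Type": "application/json",
                 "Authorization": f"Basic {token}"},
    )


if __name__ == "__main__":
    for db, owner in (("joesdatabase", "joe"), ("bobsdatabase", "bob")):
        doc = owner_security(owner)
        req = put_security_request(db, doc, "admin", "PLACEHOLDER_PASSWORD")
        print(req.get_method(), req.full_url, json.dumps(doc))
        print("  joe can read:", can_read(doc, "joe"), "| bob can read:", can_read(doc, "bob"))
    # To apply for real: urllib.request.urlopen(req) against a running server.
```

A newly created database has no reader names or roles, so the _security document has to be PUT before the database holds anything private.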