stackoom
  简体   繁体   中英

Securing couchdb and pouchdb replication

 原文  2016-04-03 20:18:56       couchdb/ pouchdb

Question

I am trying to get my head around security in couchdb replication. I am looking at using pouchdb locally on clients and have the clients sync with a central couchdb. Each client has a doc that only they should be able to sync bidirectionally. How do I ensure users can only sync their own documents, yet have shared documents replicated one-way from couchdb to clients?

2 answers

solution1
 0  2016-07-14 20:18:13

You can use "pouchdb-authentication" ( https://github.com/nolanlawson/pouchdb-authentication)to secure your connection and PouchDB itself to sync the data with a remote CouchDB server ( https://pouchdb.com/api.html#sync ).

Use a "_design" document in each database to restrict access in a users database.

solution2
 0  2019-04-06 13:57:07

One database per user is quite common for CouchDB. In that case, you can allow each user to only access his own database:

https://stackoverflow.com/a/11686674

If each user needs just one document, then each database contains just one doc!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PouchDB to CouchDB replication Ionic app Filtered replication from couchdb to pouchdb PouchDb to CouchDb replication with authentication header PouchDB filtered replication from couchDB not filtering PouchDB/CouchDB Replication Fails with Method Not Allowed Version-Compatbility for PouchDB-Replication with CouchDB Chrome local IndexedDB (PouchDB) replication to CouchDB problem Request for feedback: Couchdb setup with client replication (pouchdb) for multiple users/accounts PouchDb to CouchDb replication with non server admin user authentication Error during PouchDB to CouchDB replication - “Only DELETE,GET,HEAD,POST allowed”
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM