用户如何登录定义了阅读者角色的沙发应用程序? [英] How does a user login to a couchapp that has a reader role defined?
问题描述
我通过Couchapp部署了我的应用程序,这意味着整个应用程序都将从数据库中提供。我不希望Couchdb数据库中的数据公开可用,因此我指定了一个用户,在我为他存储数据之前,必须具有读取者角色。但是,当我转到该应用程序时,我只能得到:
I deployed my application via Couchapp, which means that the whole application is being served out of the database. I don't want the data in the Couchdb database to publicly available, so I specified a reader role that a user must have before I server him data. When I go to the application, however, all I can get is:
{"error":"unauthorized","reason":"You are not authorized to access this db."}
因为它甚至无法提供服务上使用jquery.couch.js的登录页面。
Because it can't even serve up the login page that uses jquery.couch.js.
关于如何提供应用内登录的任何想法(即,对于需要数据读取访问权限的用户,不使用Futon登录)?
Any ideas on how to provide an in-app login (ie, login not using Futon for a user that needs data read access)?
推荐答案
这时,该解决方案需要一些工作。 (社区中存在改善这一压力的压力,但是我将解释当前答案,而不是描述提案或汽具。)
At this time, the solution requires a little bit of work. (There is pressure in the community to improve this, but I will explain the present answer instead of describing proposals or vaporware.)
建立一个欢迎垫数据库,以下功能:
Make a "welcome mat" database, with the following features:
- 具有管理员用户( jtsnake):
_security.admins = {名称 :[ jtsnake],角色:[]}
- 公众可读:
_security.readers = {名称 :[],角色:[]}}
-
具有带有
.validate_doc_update $的设计文档c $ c>函数。不允许没有任何更改,但管理员除外:
- Has an admin user ("jtsnake"):
_security.admins = {"names":["jtsnake"], "roles":[]}
- Publicly-readable:
_security.readers = {"names":[], "roles":[]}}
Has a design document with a
.validate_doc_update
function. Allow no changes except by the admin:
function(newDoc, oldDoc, userCtx, secObj) {
// _design/welcome_mat .validate_doc_update
if(! userCtx.name)
throw {"unauthorized": "Please log in to change the welcome mat"};
if(userCtx.roles.indexOf("_admin") === -1)
throw {"forbidden": "Only the admin can change the welcome mat"};
log("Allowing welcome mat update by: " + userCtx.name);
}
最后,放置您的 public 内容例如该数据库中的欢迎屏幕,登录屏幕等。用户登录后,私有数据可以进入私有数据库。
Finally, place your public content such as the welcome screen, login screen, etc. in this database. Private data can go in the private database once a user has logged in.
这篇关于用户如何登录定义了阅读者角色的沙发应用程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!