用户如何登录定义了阅读者角色的沙发应用程序？ [英] How does a user login to a couchapp that has a reader role defined?

问题描述

我通过Couchapp部署了我的应用程序，这意味着整个应用程序都将从数据库中提供。我不希望Couchdb数据库中的数据公开可用，因此我指定了一个用户，在我为他存储数据之前，必须具有读取者角色。但是，当我转到该应用程序时，我只能得到：

I deployed my application via Couchapp, which means that the whole application is being served out of the database. I don't want the data in the Couchdb database to publicly available, so I specified a reader role that a user must have before I server him data. When I go to the application, however, all I can get is:

{"error":"unauthorized","reason":"You are not authorized to access this db."}

因为它甚至无法提供服务上使用jquery.couch.js的登录页面。

Because it can't even serve up the login page that uses jquery.couch.js.

关于如何提供应用内登录的任何想法（即，对于需要数据读取访问权限的用户，不使用Futon登录）？

Any ideas on how to provide an in-app login (ie, login not using Futon for a user that needs data read access)?

推荐答案

这时，该解决方案需要一些工作。 （社区中存在改善这一压力的压力，但是我将解释当前答案，而不是描述提案或汽具。）

At this time, the solution requires a little bit of work. (There is pressure in the community to improve this, but I will explain the present answer instead of describing proposals or vaporware.)

建立一个欢迎垫数据库，以下功能：

Make a "welcome mat" database, with the following features:

• 具有管理员用户（ jtsnake）： _security.admins = {名称 ：[ jtsnake]，角色：[]}


• 公众可读： _security.readers = {名称 ：[]，角色：[]}}



• 具有带有 .validate_doc_update 函数。不允许没有任何更改，但管理员除外：

• Has an admin user ("jtsnake"): _security.admins = {"names":["jtsnake"], "roles":[]}
• Publicly-readable: _security.readers = {"names":[], "roles":[]}}

• Has a design document with a .validate_doc_update function. Allow no changes except by the admin:

function(newDoc, oldDoc, userCtx, secObj) {
    // _design/welcome_mat .validate_doc_update

    if(! userCtx.name)
      throw {"unauthorized": "Please log in to change the welcome mat"};
    if(userCtx.roles.indexOf("_admin") === -1)
      throw {"forbidden": "Only the admin can change the welcome mat"};
    log("Allowing welcome mat update by: " + userCtx.name);
}

最后，放置您的 public 内容例如该数据库中的欢迎屏幕，登录屏幕等。用户登录后，私有数据可以进入私有数据库。

Finally, place your public content such as the welcome screen, login screen, etc. in this database. Private data can go in the private database once a user has logged in.

这篇关于用户如何登录定义了阅读者角色的沙发应用程序？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！