On 5 December 2016 at 09:05, Nicholas Outram <[email protected]> wrote: > > 2. What is the best practise for managing users and sign-in? There is the > notion of ‘users’ in couch, but I’m unclear where they fit into the greater > scheme of things. For a traditional middleware + SQL server, there would > typically be one database user with imposed limited privileges (for security, > no drop table etc..), and end-user credentials would be hashed and stored in > tables by the middleware. Is the model similar in CouchDB, or more fluid? I > could also use client side encryption and store student credentials in a > single document (as described in the Wiki).
Locally we had a working pilot of CouchDB 1.6.1 setup with the couch_jwt_auth plugin, create_user_db plugin (https://github.com/buckett/create-user-db). We used https://auth0.com to create the JWT tokens and integrated that with our local single sign on solution using OAuth 2. As you suggest this allowed us to not have anything serverside apart from CouchDB. If you're storing credentials directly in CouchDB then there's https://github.com/etrepum/couchperuser which creates the DB when a new user is created. -- Matthew Buckett VLE Developer WebLearn, Academic IT IT Services, University of Oxford 13 Banbury Road, OX2 6NN Tel: 01865 283349
