I'm playing around with in browser pouchdb and couchdb and and remote sync. This was all straight forward but now I'm at a roadblock that I'm not able to figure out myself. For security reasons every user of the website has its own datbase that is only accessable via the respective couchdb user.
const localDB = new PouchDB('test');
const remoteDB = new PouchDB(process.env.REMOTE_DATABASE);
const username = process.env.REMOTE_USER;
const password = process.env.REMOTE_PASSWORD;
remoteDB.login(username, password, (error, response) => {
if (error) {
console.error('Login failure', error)
} else {
console.log('Login success');
dispatch('sync');
}
});
console.log('sync');
localDB.sync(remoteDB, {live: true})
.on('change', response => {
console.log(response);
})
.on('error', error => {
console.error('Sync failure', error);
});
To create a user I need a backend layer to handle user registration and creation. THis is now problem sind i can store the admin credentials "secure" on the server. Now my problem is how to handle the pouchdb user credentials in the browser. It would be possible to ask for the credentials on the first loading of the app and then storing it in the ram but this would lead to logging in on each reload of the page. Is there any way to use like cookie/token auth?
Or is there a way to proxy the pouchdb connection through a backend proxy that handles the authentication!?
Any tips would be appreciated.
The simplest way to use cookie authentication is by using the pouchdb-authentication plugin on GitHub. If you do not want to use this then you should read this previous question (#23986912) on Stackoverflow which discusses this in more detail.
Hope this helps.