Per document user access control for PouchDB / CouchDB
Asked Answered
G

1

7

I wish to use PouchDB - CouchDB for saving user data for my web application, but cannot find a way to control the access per user basis. My DB would simply consists of documents using user id as the key. I know there are some solutions:

  1. One database per user - however it requires to monitor whenever a new user wants to save data in order to create a new DB, and may create a lot of DBs;

  2. Proxy between client and CouchDB - however I don't want PouchDB to sync changes for the whole DB including documents of other users in those _all_docs, _revs_diff request.

Is there any suggestion for user access control for pouchDB for a user base of around 1 million (active users around 10 thousand only)?

Gerome answered 18/5, 2015 at 4:49 Comment(2)
PouchDB definitely isn‘t good choice for 1M docs DB. Use CouchDB. You can look at github.com/ermouth/covercouch – it implements ACL for Couch keeping original API untouched.Admonitory
@Admonitory covercoach looked really interesting but is unfortunately abandoned. Do you have any idea where to go for something similar 2017?Kunstlied
W
3

The topic of a million or more databases has come up on the mailing list in the past. The conclusion was that it depends on how your operating system deals with that many files. CouchDB is just accessing parts of the .couch file when requested. Performance is related to how quickly it can find, open, access, and close that file.

There are tricks for some file systems like putting / delimiters in the database name--which will cause CouchDB to store them in matching directory structures such as groupA/userA.couch or using email-style database names com/bigbluehat/byoung.couch (or some similar).

If that's not sufficient, Apache CouchDB 2.0 brings in BigCouch code (which IBM Cloudant uses) to provide a fully auto-sharded CouchDB. It's not done yet, but it will provide scalability across multiple nodes using an Amazon Dynamo style sharding system.

Another option is to do your own username-based partitioning between multiple CouchDB servers or use IBM Cloudant (which is built for this level of scale).

All these options provide the same Apache CouchDB replication protocol and will work just fine with PouchDB sitting on the user's computer, phone, or tablet.

The user's device would then have their own database +/- any share databases. The apps on those million user devices would only have the scalability of their own content (aka hard drive space) to be concerned about. The app would replicate directly to the "cloud"-side user database for backup, web use, etc.

Hopefully something in there sounds promising. :)

Weymouth answered 28/8, 2015 at 13:50 Comment(1)
Also meant to mention the couch-peruser project--which is now part of the Apache CouchDB project github.com/apache/couchdb-peruserWeymouth

© 2022 - 2024 — McMap. All rights reserved.