pouchdb-seamless-auth icon indicating copy to clipboard operation
pouchdb-seamless-auth copied to clipboard

Published 20 hours ago verified publisher icon marten-de-vries

Sounds good...but I don't understand

Open mikeymckay opened this issue 8 years ago • 3 comments

This sounds great... I just don't understand how to use it! I've looked at the tests and I still don't get it. I'm not really clear on when I use the functions in this library vs the ones in pouchdb-auth. Could you provide some examples?

Here is the sort of use case I am after:

  • My user exists on the remote couchdb. I login to my web application, but there is no matching user in the browser's local database, so it checks the remote couchdb, finds the user, and caches it so that next time checking the remote couchdb isn't necessary.
  • My user doesn't exist locally or on the remote couchdb. So I create a new one, it gets created on the remote couchdb and on the local one so that next time checking the remote couchdb isn't necessary

mikeymckay avatar Mar 19 '16 18:03 mikeymckay

To do that, you should basically be able to call .setSeamlessAuthRemoteDB(), pause all other calls until the promise it returns resolves, and then you can use the pouchdb-seamless-auth methods. No need for pouchdb-auth, however:

This assumes that your application is only used on 'trusted' computers. pbkdf2 isn't known to be broken yet, not even when run with relatively lazy settings like CouchDB + this pouchdb-auth does, but you shouldn't rely on that. So either you need to know were your app is used, or you should ask the user if the computer is trusted. Only then use this library. If you want to still provide some fallback mode in that case, then you should look into using pouchdb-auth. This functionality would be nice to include in this plugin at some point (#7), but it isn't currently.

An (untested) example in how to use this plugin (if pouchdb-auth gives trouble, feel free to open a similar request there):

var PouchDB = require('pouchdb');
require("pouchdb-seamless-auth")(PouchDB)

var _setupCompleted;
function setupCompleted() {
  if (!_setupCompleted) {
    _setupCompleted = db.setSeamlessAuthRemoteDB('http://localhost:5984/_users');
  }
  return _setupCompleted;
}

function login(username, password) {
  // assume this function is called by the UI layer, and has verified that we're on a trusted pc.

  return setupCompleted().then(function () {
    return db.seamlessLogIn(username, password);
  });
}

// similar functions for logout, getting session info, etc.

I hope this helps. TODO: integrate the above info into the README. So let's not close this issue before that. Help welcome.

marten-de-vries avatar Mar 22 '16 16:03 marten-de-vries

Fantastic - I will test the code (next few days hopefully), and then I am happy to update the README and send you a pull request.

On Tue, Mar 22, 2016 at 7:42 PM, Marten de Vries [email protected] wrote:

To do that, you should basically be able to call .setSeamlessAuthRemoteDB(), pause all other calls until the promise it returns resolves, and then you can use the pouchdb-seamless-auth methods. No need for pouchdb-auth, however:

This assumes that your application is only used on 'trusted' computers. pbkdf2 isn't known to be broken yet, not even when run with relatively lazy settings like CouchDB + this pouchdb-auth does, but you shouldn't rely on that. So either you need to know were your app is used, or you should ask the user if the computer is trusted. Only then use this library. If you want to still provide some fallback mode in that case, then you should look into using pouchdb-auth. This functionality would be nice to include in this plugin at some point (#7 https://github.com/marten-de-vries/pouchdb-seamless-auth/issues/7), but it isn't currently.

An (untested) example in how to use this plugin (if pouchdb-auth gives trouble, feel free to open a similar request there):

var PouchDB = require('pouchdb'); require("pouchdb-seamless-auth")(PouchDB)

var _setupCompleted; function setupCompleted() { if (!_setupCompleted) { _setupCompleted = db.setSeamlessAuthRemoteDB('http://localhost:5984/_users'); } return _setupCompleted; }

function login(username, password) { // assume this function is called by the UI layer, and has verified that we're on a trusted pc.

return setupCompleted().then(function () { return db.seamlessLogIn(username, password); }); }

// similar functions for logout, getting session info, etc.

TODO: integrate the above info into the README. So let's not close this issue before that. Help welcome.

— You are receiving this because you authored the thread. Reply to this email directly or view it on GitHub https://github.com/marten-de-vries/pouchdb-seamless-auth/issues/5#issuecomment-199896800

mikeymckay avatar Mar 22 '16 19:03 mikeymckay

This is a great component and I tried using the code above but it doesn't quite work. The require("pouchdb-seamless-auth")(PouchDB) statement returns a promise and that needs to be incorporated into the logic. I ended up with a setup of

var _SetupCompleted = require("pouchdb-seamless-auth")(window.PouchDB)
    .then(()=> PouchDB.setSeamlessAuthRemoteDB('http://localhost:5984/_users'));

which is a promise and the login function becomes

const login = (username, password) => 
      _SetupCompleted.then(()=>PouchDB.seamlessLogIn(username, password));

which again is returning a promise

AidanNichol avatar Sep 01 '16 14:09 AidanNichol