cloudant-user
Advanced tools
Helper module to use standard CouchDB _users db on a Cloudant db.
When _users db is enabled, Cloudant uses an old version of CouchDB auth which requires the salt and sha1-hashed password to be included with user creation.
https://cloudant.com/for-developers/faq/auth/
So, if you'd like to run your own npm registry with the solid hosting of Cloudant, this module is a huge help. I use it to create user accounts for our private npm.
git clone https://github.com/doublerebel/cloudant-user.git
PUT _security-docs/_security-couchdb.json to youruser.cloudant.com/yourdbname/_security to enable standard CouchDB auth for that database.
curl -X PUT -d @_security-docs/_security-couchdb.json https://youruser.cloudant.com/yourdbname/_security
When switching to CouchDB auth, it's useful to define the admin role as your existing Cloudant user. The admin user will be able to create/read/update/delete all other users in this database.
We can also limit this database to users which have a role "npm".
_security-docs/_security-cloudant.json
{
"couchdb_auth_only": true,
"admins": {
"names": ["your-cloudant-username"],
"roles": ["_admin"]
},
"members": {
"names": [],
"roles": ["npm"]
}
}
PUT _security-docs/_security-cloudant.json to youruser.cloudant.com/yourdbname/_security to reset auth to Cloudant management for that database.
curl -X PUT -d @_security-docs/_security-cloudant.json https://youruser.cloudant.com/yourdbname/_security
Example scripts to add a user to Cloudant. Create one of these scripts and run with coffee scriptname.coffee or node scriptname.js.
Server options are passed directly to cradle.
CloudantUser = require "cloudant-user"
server =
host: your-cloudant-user.cloudant.com
port: 443
secure: true
auth:
username: "your-admin-username"
password: "your-admin-password"
newuser =
name: "your-newuser-name"
password: "your-newuser-pass"
roles: ["_reader","_writer"]
callback = (err, res) ->
console.log err if err
console.log res if res
cloudantUser = new CloudantUser server
cloudantUser.create newuser.name, newuser.password, newuser.roles..., callback
var CloudantUser = require("cloudant-user");
var server = {
host: your-cloudant-user.cloudant.com,
port: 443,
secure: true,
auth: {
username: "your-admin-username",
password: "your-admin-password"
}
};
var newuser = {
name: "your-newuser-name",
password: "your-newuser-pass",
roles: ["_reader", "_writer"]
};
var callback = function(err, res) {
if (err) console.log(err);
if (res) return console.log(res);
};
var cloudantUser = new CloudantUser(server);
cloudantUser.create(newuser.name,
newuser.password,
newuser.roles[0],
newuser.roles[1],
callback);
Create a user with email (required by npm)
npmCreate(username, password, email, roles..., callback)
Create a user with arbitrary metadata
metadata =
shrike: true
timewarp: false
createWithMeta(username, password, email, roles..., metadata, callback)
On Cloudant, a user without both roles "_reader" and "_writer" will be unable to change their password. Therefore, all normal users should be created with these roles.
Futon is available for any Cloudant database at https://cloudant.com/futon . Login there with your Cloudant account username and password.
This module is originally based off of a gist by weilu.
Copyright 2014-2016 doublerebel. MIT licensed.
FAQs
Helper module to use standard CouchDB _users db on a Cloudant db
The npm package cloudant-user receives a total of 0 weekly downloads. As such, cloudant-user popularity was classified as not popular.
We found that cloudant-user demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.