pouchdb-admins v1.0.6
pouchdb-admins
PouchDB plugin to simulate CouchDB’s admin accounts
pouchdb-admins mimics how CouchDB stores a map of admin accounts in its configuration.
Example
var PouchDB = require('pouchdb')
PouchDB.plugin(require('pouchdb-admins'))
var db = new PouchDB('my-users')
var admins = db.admins({
secret: 'secret123'
})
admins.get('kim').then(function (doc) {
console.log('"%s" is an admin', doc.name)
})
admins.validatePassword('pat', 'secret').then(function () {
// "pat" is admin and "secret" is correct password
})
admins.on('change', function (adminMap) {
// adminMap is all admins with their hashed password
// {
// "kim": "-pbkdf2-e079757b4cb58ae17467c8befe725778ce97e422,0aef36ccafa33f3e81ae897baf23f85c,10"
// }
})
admins.on('add', function (username) {
console.log('%s added as admin', username)
})
admins.on('update', function (username) {
console.log('password updated for %s', username)
})
admins.on('remove', function (username) {
console.log('%s removed from admins', username)
})API
Factory
db.admins(options)Returns admins API.
Throws
Example
var admins = db.admins({
secret: 'secret123',
admins: {
kim: '-pbkdf2-e079757b4cb58ae17467c8befe725778ce97e422,0aef36ccafa33f3e81ae897baf23f85c,10'
}
})admins.get()
Looks up admin account by username
admins.get(username)Resolves without doc for admin as if it would be stored in CouchDB’s _users
but without a _rev property.
{
id: 'org.couchdb.user:kim',
type: 'user',
name: 'kim',
password_scheme: 'pbkdf2',
derived_key: 'e079757b4cb58ae17467c8befe725778ce97e422',
salt: '0aef36ccafa33f3e81ae897baf23f85c',
iterations: 10,
roles: ['_admin']
}Rejects with
Example
admins.get('kim')
.then(function () {
console.log('"kim" is an admin')
})
.catch(function (error) {
if (error.name === 'not_found') {
console.log('"kim" is not an admin')
} else {
// something unforeseen happened
console.log(error)
}
})Session validation example
var isValidSessionId = require('couchdb-is-valid-session-id')
admins.get('kim')
.then(function (doc) {
if (!isValidSessionId('secret123', doc.salt, sessionId)) {
throw new Error('Invalid sesion')
}
// kim has valid session
})admins.set()
Adds or updates admin password
admins.set(username, password)Resolves without argument. Rejects with
Example
admins.set('pat', 'secret')
.then(function () {
// pat added as admin with hashed password, or existing password updated
})admins.validatePassword
Validates password of admin account
admins.validatePassword(username, password)Resolves without argument. Rejects with
Example
admins.validatePassword('pat', 'secret')
.then(function () {
// "pat" is admin and "secret" is correct password
})
.catch(function (error) {
switch (error.name) {
case 'unauthorized':
// "pat" is admin but "secret" is incorrect password
break
case 'not_found':
// "pat" is not an admin
break
default:
// something unforeseen happened ...
console.log(error)
}
})calculateSessionId()
tbd
validateSession()
tbd
Events
admins is an event emitter and exposes
all methods .on, once, .removeListener etc.
How it works
Here an excerpt of a couch.ini that stores a map of two admin accounts with
their hashed passwords. The format is -{password scheme}-{derived key},{salt},{iterations}.
[admins]
admin=-pbkdf2-e079757b4cb58ae17467c8befe725778ce97e422,0aef36ccafa33f3e81ae897baf23f85c,10
anotheradmin=-pbkdf2-67c8befe725778ce97e422e079757b4cb58ae174,7baf23f85c0aef36ccafa33f3e81ae89,10Testing
Local setup
git clone git@github.com:hoodiehq/pouchdb-admins.git
cd pouchdb-admins
npm installRun all tests and code style checks
npm testRun all tests on file change
npm run test:watchRun tests from single file
node tests/integration/constructor-test.js
# PROTIP™: pipe output through https://www.npmjs.com/package/tape#pretty-reporters