weixin_39834780
2020-12-02 09:06 阅读 0

Cloudant Support

Make sure Hoodie runs fine on Cloudant.

该提问来源于开源项目:hoodiehq/hoodie-server

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

10条回答 默认 最新

  • weixin_39889337 weixin_39889337 2020-12-02 09:06

    Thanks for raising this issue.

    It looks like the minimum CouchDB version supported by hoodie is 1.2.0, and Cloudant seems to be running 1.0.2. I just created a Cloudant account and tried starting a hoodie app setting COUCH_URL to the Cloudant URL. Something like:

    
    COUCH_URL=https://user:password.cloudant.com hoodie start
    

    App won't start and error confirms CouchDB version not supported:

    
    Error: The version of CouchDB you are using is out of date.
    Please update to the latest version of CouchDB.
    

    On a different note, once we get past the version mismatch, I found that there is an extra step in setting up a Cloudant couch to use CouchDB's _users database for authentication.

    From https://cloudant.com/for-developers/faq/auth/

    Can I use CouchDB security features (_users database, security objects, validation functions) on Cloudant? Yes you can. If you want to use the _users database you must first turn off Cloudant's own security for the roles you want to manage via _users. To do this you need to PUT a JSON document like the following to the _security endpoint of the database (for example https://USERNAME.cloudant.com/DATABASE/_security):

     javascript
    {
      "readers": {
        "names":["demo"],"roles":[]
      }
    }
    
    点赞 评论 复制链接分享
  • weixin_39801879 weixin_39801879 2020-12-02 09:06

    Hi,

    I'm curious if there has been any further analysis of this. It's tagged as "easy" but it seems as though there is a mismatch between Hoodie's existing user plugin (https://npmjs.org/package/hoodie-plugin-users) and what would be required for Cloudant. Hoodie is using the entire CouchDB instance as its application DB, mapping app users to entries in CouchDB _users, and programmatically creating a new, permissioned DB for each user.

    In Cloudant, a DB is owned by the Cloudant account, and adding new users to the permissions grants permissions to other Cloudant accounts, not app users. There is no concept of application-level users in Cloudant.

    It seems to me that at the very least you would need to rework the user plugin to support: - Namespacing the created DBs (e.g. prefixed with appname_ ) so that a Cloudant account (or CouchDB instance) could support more than one Hoodie app - A user-specified admin username (maybe this is a config option already? I am always asked for the "admin" password when I start Hoodie). - Have authorization enforced at the Hoodie server level instead of depending on the DB.

    Items 1 and 2 seem reasonable anyway for better support of Hoodie with a non-local CouchDB.

    点赞 评论 复制链接分享
  • weixin_39834780 weixin_39834780 2020-12-02 09:06

    The last time I talked to Cloudant folks, I was told the _users DB is supported as-is, so I hope not too many changes are required. The bigger items after auth would be where we require the CouchDB 1.2.0 or later API.

    点赞 评论 复制链接分享
  • weixin_39834780 weixin_39834780 2020-12-02 09:06

    cc (the Cloudant person I talked to :)

    点赞 评论 复制链接分享
  • weixin_39670464 weixin_39670464 2020-12-02 09:06

    Hi and . We do support the _users DB, more info here: https://cloudant.com/for-developers/faq/auth/ under the "Can I use CouchDB security features (_users database, security objects, validation functions) on Cloudant?" section.

    One gotcha, we do not yet support the _users updates in CouchDB 1.2 and beyond, in particular you'll need to provide your own password_hash and salts, and we don't support the user level security for user docs and things like public fields.

    We'll be working on the user system this year, so stay tuned for updates, but for the time being the CouchDB style _users works in Cloudant.

    点赞 评论 复制链接分享
  • weixin_39845430 weixin_39845430 2020-12-02 09:06

    hi guys,

    I remove the validation version of couchdb in https://github.com/hoodiehq/hoodie-server/blob/master/lib/utils/couch.js#L148, creating a _users database on cloudant, and start hoodie:

    
    Using remote CouchDB: https://xxxx:yyyyy.cloudant.com
    Waiting for CouchDB [---*--] SUCCESS 
    Please enter your CouchDB _admin credentials:
    prompt: Username:  xxxx
    prompt: Password:  
    

    at the first time, work!!!

    but the sync has error 403. when: GET http://192.168.1.40:6005/_api/?hoodieId=98q9jt5 {"error":"bad_password","reason":"cookie password hash was incorrect"} - [ ] there is a way to avoid the version validation? - [ ] and some knows what can be this? - [ ] when the hoodie is stoped and try start again he ask me only the password and show me this:

    
    Initializing...
    Using remote CouchDB: https://xxxxx.cloudant.com
    Waiting for CouchDB [-----*] SUCCESS 
    prompt: Please set an admin password :  
    WWW:    http://127.0.0.1:6005
    Admin:  http://127.0.0.1:6006
    
    ERR! Error: unauthorized
    ERR! Name or password is incorrect
    ERR!     at IncomingMessage.<anonymous> (/home/gabriel/Documents/github/goappes/hoodie/golearn/node_modules/hoodie-server/node_modules/couchr/couchr-node.js:169:35)
    ERR!     at IncomingMessage.EventEmitter.emit (events.js:117:20)
    ERR!     at _stream_readable.js:920:16
    ERR!     at process._tickDomainCallback (node.js:459:13)
    
    </anonymous>

    (cc )

    点赞 评论 复制链接分享
  • weixin_39834780 weixin_39834780 2020-12-02 09:06

    from IRC:

    
    [23:58:57]  <rnewson>    yeah, we don't the server-side hashing, is that what you mean?
    [00:03:02]  <jan____>    ok, that’s the dealbreaker. The fix is to adjust our frontend code to do things client-side, or you add that to the API. so far we’ve chosen to wait for you :)
    [00:10:36]  <jan____>    the compat issue is purely in the frontend code, we just put the stop in the server code, because that is easier to communicate.
    [00:10:57]  <jan____>    you disabled the sanity check and the server doesn’t care much more, it seems, so that succeeds.
    [00:13:29]  <jan____>    the frontend won’t be able to create a valid user in cloudant
    [00:14:35]  <jan____>    you could patch the frontend to use pre-1.2-style user docs.
    [00:14:57]  <jan____>    I need to leave it to rnewson to explain how that works, as I should have been asleep about two hours ago.
    [00:15:24]  <jan____>    the fix would be in https://github.com/hoodiehq/hoodie.js/blob/master/src/hoodie/account.js
    </jan____></jan____></jan____></jan____></jan____></jan____></jan____></rnewson>
    点赞 评论 复制链接分享
  • weixin_39834780 weixin_39834780 2020-12-02 09:06

    Here’s what could be done: 1. patch hoodie.js to create pre 1.2 style user docs. 2. patch hoodie-server to allow version number 1.0.2 when the server name is `"Cloudant" 3. profit e.g. see what’s next

    There might be something about /_db_updates being slightly different, but that remains to be seen.

    So far we’ve not done this because it is extra code for very little gain in hoodie.js and it hasn’t been a priority for us so far, but if anyone (nudge nudge) would want to contribute this, we’d be happy to merge it :)

    点赞 评论 复制链接分享
  • weixin_39834780 weixin_39834780 2020-12-02 09:06

    the new architecture will not depend on _users being exposed to the client, so we should™ be fine then

    点赞 评论 复制链接分享
  • weixin_39589241 weixin_39589241 2020-12-02 09:06

    In case anyone finds this and needs such a tool, here's a JS module I created a while back for Cloudant _users db: https://github.com/doublerebel/cloudant-user

    Available from npm as cloudant-user.

    点赞 评论 复制链接分享

相关推荐