Helper module to use standard CouchDB _users db on a Cloudant db.
When _users db is enabled, Cloudant uses an old version of CouchDB auth which requires the salt and sha1-hashed password to be included with user creation.
https://cloudant.com/for-developers/faq/auth/
So, if you'd like to run your own npm registry with the solid hosting of Cloudant, this module is a huge help. I use it to create user accounts for our private npm.
git clone https://github.com/doublerebel/cloudant-user.git
PUT _security-docs/_security-couchdb.json
to youruser.cloudant.com/yourdbname/_security to enable standard CouchDB auth for that database.
curl -X PUT -d @_security-docs/_security-couchdb.json https://youruser.cloudant.com/yourdbname/_security
When switching to CouchDB auth, it's useful to define the admin role as your existing Cloudant user. The admin user will be able to create/read/update/delete all other users in this database.
We can also limit this database to users which have a role "npm".
_security-docs/_security-cloudant.json
{
"couchdb_auth_only": true,
"admins": {
"names": ["your-cloudant-username"],
"roles": ["_admin"]
},
"members": {
"names": [],
"roles": ["npm"]
}
}
PUT _security-docs/_security-cloudant.json
to youruser.cloudant.com/yourdbname/_security to reset auth to Cloudant management for that database.
curl -X PUT -d @_security-docs/_security-cloudant.json https://youruser.cloudant.com/yourdbname/_security
Example scripts to add a user to Cloudant. Create one of these scripts and run with coffee scriptname.coffee
or node scriptname.js
.
Server options are passed directly to cradle.
CloudantUser = require "cloudant-user"
server =
host: your-cloudant-user.cloudant.com
port: 443
secure: true
auth:
username: "your-admin-username"
password: "your-admin-password"
newuser =
name: "your-newuser-name"
password: "your-newuser-pass"
roles: ["_reader","_writer"]
callback = (err, res) ->
console.log err if err
console.log res if res
cloudantUser = new CloudantUser server
cloudantUser.create newuser.name, newuser.password, newuser.roles..., callback
var CloudantUser = require("cloudant-user");
var server = {
host: your-cloudant-user.cloudant.com,
port: 443,
secure: true,
auth: {
username: "your-admin-username",
password: "your-admin-password"
}
};
var newuser = {
name: "your-newuser-name",
password: "your-newuser-pass",
roles: ["_reader", "_writer"]
};
var callback = function(err, res) {
if (err) console.log(err);
if (res) return console.log(res);
};
var cloudantUser = new CloudantUser(server);
cloudantUser.create(newuser.name,
newuser.password,
newuser.roles[0],
newuser.roles[1],
callback);
Create a user with email (required by npm)
npmCreate(username, password, email, roles..., callback)
Create a user with arbitrary metadata
metadata =
shrike: true
timewarp: false
createWithMeta(username, password, email, roles..., metadata, callback)
On Cloudant, a user without both roles "_reader" and "_writer" will be unable to change their password. Therefore, all normal users should be created with these roles.
Futon is available for any Cloudant database at https://cloudant.com/futon . Login there with your Cloudant account username and password.
This module is originally based off of a gist by weilu.
Copyright 2014-2016 doublerebel. MIT licensed.