https://stackoverflow.com/q/64056888
git clone THIS_GIST_URL pouch-demo
cd pouch-demo
mkdir databases
npm install
node server.js
Then in another console tab:
node client.js
All PouchDB clients will connect to and replicate with the /db
route, but they can't pick the PouchDB/CouchDB database they want to work with: they must provide X-Pouch-Db
header to specify the database name they want. This is a stand-in for cookie/token authentication/authorization that Node/Express control on their own (since PouchDB-Server's security may be problematic, and CouchDB auth is weird). The Express server, specifically the part outside PouchDB-Server, actually rewrites the URL requested to include the PouchDB database name.
Right now, the server just requires the database name (the value of X-Pouch-Db
) to be four characters long before it allows the PouchDB database to be created or accessed. But hopefully it's easy to imagine Passport.js-based auth here. This should ensure that if a user is authorized to view only one database, they can't see other databases.
Please upvote https://stackoverflow.com/a/64065545 if helpful.