Skip to content

Instantly share code, notes, and snippets.

Last active March 13, 2021 21:08
Show Gist options
  • Star 13 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save nolanlawson/9676093 to your computer and use it in GitHub Desktop.
Save nolanlawson/9676093 to your computer and use it in GitHub Desktop.
Solving "one database per user" in CouchDB/IrisCouch/Cloudant


Security in a single CouchDB can only be set up to do either:

  • Everyone can read/write everything (admin party)
  • Everyone can read, some can write
  • Some can read everything, and those same people can write everything

So in the very common situation where you want user data to be private, the current best practice is to give every user a database. This sounds nuts at first, but it turns out that databases are cheap in CouchDB; Cloudant boasts that 100k databases in a single Couch is not uncommon (source).

However, actually implementing one database per user is not open-and-shut. You need a separate server process outside of CouchDB to handle it. Everyone has their own solution; here are some popular ones:

Update: the CouchDB docker image now has a built-in couch-per-user support, making this much easier to implement:

Copy link

@gastonmorixe Thanks for your tip! I'm gonna try this out later, and see what happens. Have you tried this in a production environment, such as AWS or Cloudant or something similar?

Finally the implementation of the database-per-user using just the native Couch roles system was far more easy than I believed. The only cuestionable thing is that I had to implement a server-side endpoint to manage this configuration when a new user/db is created, but it's fine for my requirements.
Thanks for your help!

Copy link

if we have per user database wouldn't it be super painful to do multiple remote replicas?

Copy link

motin commented Sep 18, 2018

As for Cloudant, I have found (covered in and ):

Cloudant Envoy
Cloudant Envoy is a microservice that sits between your mobile or web application and your cloud database, allowing users to replicate your data layer, but handling the authentication and data segregation so that each user only sees his or her own data.

I am unsure if it is used by anyone though - no activity on the Github repo for over a year. There is also (covered in but it seems even less used/tried.

Copy link

fredguth commented Jan 8, 2019

@motin, I was checking the same. It seems interesting. I am not sure if it is an overkill for most though.

Copy link

danielfoxp2 commented Jul 24, 2019

I loved the possibility of auto sync between front and back end databases using PouchDB and CouchDB, plus resolving conflicts it's a beauty. But I am not being able to wrap my head around these security strategies and make it work with my needs. Probably I am missing something, but neither per_user or for all seems to fit in my app.

This is so frustrating.

The last sentence of this doubt below is one of the issues for me too, besides others:
pouchdb/pouchdb#3732 (comment)

Copy link

zim32 commented Nov 10, 2020

I know this is old post, but what if you make an http proxy between.browser and global db, intercept replicate requests add view or filter function to request and pass to original database?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment