Skip to content

Latest commit

 

History

History
113 lines (75 loc) · 4.04 KB

README.md

File metadata and controls

113 lines (75 loc) · 4.04 KB

Myapp

Known Vulnerabilities

This README outlines the details of collaborating on this Ember application.

Working example

https://bloggr.exmer.com/

Prerequisites

You will need the following things properly installed on your computer.

Installation

To get up and running with this project:

  • git clone this repository and cd into it cd ember-cli-blog
  • npm install to install npm dependencies
  • ember s to start the server!

Data will be stored in an in memory database and if configured, also replicated to a CouchDB instance.

Optional Installation

To setup CouchDB data replication, configure ENV.remote_couch inside ./config/environment.js to point to your CouchDB location.

To setup a CouchDB instance on your own machine:

  • install couchDB from http://couchdb.apache.org/
  • npm install -g add-cors-to-couchdb
  • add-cors-to-couchdb
  • update config/environment.js local_couch and remote_couch to your CouchDB instance name.
  • update config/environment.js ENV.rootURL in the production environment
  • To use deploy create a file .env.deploy.production in the root of this project containing something like db=https://username:password@my.couchcluster.com/bloggr

Running

Running Tests

  • ember test
  • ember test --server

Building

  • ember build (development)
  • ember build --environment production (production)

Deploy

To deploy to your CouchDB cluster

  • ember deploy production (Set your credentials in the .env.deploy.production file)

Authentication

ember-simple-auth-pouch authenticator with custom data adapter to setup push replication after login. See /src/simple-auth/authenticators/pouch.js and /src/data/models/application/adapter.js for further details.

Authorization

CouchDB write protected database:

Registration required example for write permission: Add users in the normal CouchDB way. For example by adding the following document to the _users database:

{
  "_id": "org.couchdb.user:test",
  "name": "test",
  "password": "test",
  "roles": [
    "user"
  ],
  "type": "user"
}

After that you can protect your bloggr database from unauthorized writes by adding the following design document to the bloggr database.

{
  "_id": "_design/only_users_write",
  "validate_doc_update": "function (newDoc, oldDoc, userCtx) {\n\tif (userCtx.roles.indexOf(\"user\") == -1 && userCtx.roles.indexOf(\"_admin\") == -1) {\n\t\tthrow({unauthorized: \"Only registered users can save data!\"});\n\t}\n}"
}

For the free CloudStation you have to create an User and a Database and insert the userdocument from above. Make sure to update your config/environment.js remote_couch and rootURL to match your production settings. Typical rootURL values are / and /yourdb/_design/myapp/_rewrite/ If you run your own CouchDB you can use the Hoodie CouchDB User Management App to create users.

Secret route

There is one secret route setup to demonstrate how to use ember-simple-auth to protect routes. More instructions can be read there.

Further Reading / Useful Links