Problem
The collaborative Markdown editor StackEdit can be used with the essentially free Italian CouchDB hosting provider Couchappy to store one's documents.
StackEdit is a web service without accounts.
It connects to your Couchappy CouchDB instance, simply by providing a URL like this:
https://instance.couchappy.com/documents
The problem is that anyone in the world can do so.
According to StackEdit's CouchDB setup documentation,
one can still set permissions for CouchDB and configure StackEdit to connect to it using a URL like the one below:
https://username:password@instance.couchappy.com/documents
Questions
- How do I create additional CouchDB users in Couchappy?
- How do I enforce authentication for all CouchDB requests on Couchappy?
What I tried so far
In addition to the required configuration modifications, I added a line credentials = true. This had no effect.
[httpd]
enable_cors = true
[cors]
credentials = true
origins = http://localhost, https://stackedit.io
Couchappy's FAQ mentions something about cors headers, but CouchDB's documentation on this topic is meagre.
headers = accept, authorization, cookie, content-type
Best Answer
These are essentially CouchDB authentication related questions, not specific to Couchappy:
1. How do I create additional CouchDB users in Couchappy?
You can use Futon to create a new admin account in your Couchdb instance:
Section: admin
Option: username
Value: password
2. How do I enforce authentication for all CouchDB requests on Couchappy?
Change value of:
couch_httpd_auth->require_valid_usertotrue