RSS
 

Archive for October, 2011

CouchDB Security in Ruby

30 Oct

To get some background on couchDB security read here.

All the code samples below, require the Restclient rubygem. You can install it with the command:

gem install rest-client

And Require it in your code with:

require 'rest_client'

Let’s say your couchDB is in Admin Party mode. To end the admin party and add an admin user:

RestClient.put 'http://127.0.0.1:5984/_config/admins/james', '"ssstepin"',{:content_type => :json}

james is the name of the new admin, and his password is ssstepin. The password needs to be enclosed in double quote,to denote a string in the couchDB configuration.

To authenticate the admin user:

response = RestClient.post 'http://127.0.0.1:5984/_session', 'name=james&password=ssstepin',{:content_type => 'application/x-www-form-urlencoded'}
puts response.cookies
# => {"AuthSession"=>"b2tlOjRFQUJCNzE0OkXtpl9cxR_zbIxvlvW2J60txIwT", "Version"=>"1", "Path"=>"%2F"}

This returns the authentication token for making future requests, on behalf of the authenticated user.

To add a new admin user:

RestClient.put 'http://127.0.0.1:5984/_config/admins/david', '"wuzz234"',{:cookies => {"AuthSession" => "b2tlOjRFQUJCNzE0OkXtpl9cxR_zbIxvlvW2J60txIwT"}}

We added a new admin david with password wuzz234, we made the request on behalf of james (see the AuthSession token, we are using the same token generated for james).

To delete the new admin user:

RestClient.delete 'http://127.0.0.1:5984/_config/admins/david',{:cookies => {"AuthSession" => "b2tlOjRFQUJCNzE0OkXtpl9cxR_zbIxvlvW2J60txIwT"}}

We deleted the admin david, we made the request on behalf of james (see the AuthSession token). If you delete all admins CouchDB will switch back to Admin Party.

To create a non-admin user:

salt = "somerandomstring123"
password = "seenow109"
password_sha = Digest::SHA1.hexdigest(password + salt)
 
user_hash = { :type => "user",
                   :name => "nancy",
                   :password_sha => password_sha,
                   :salt => salt,
                   :roles => []
                  }
 
 
 str = Yajl::Encoder.encode(user_hash)
 
RestClient.put "http://127.0.0.1:5984/_users/org.couchdb.user:nancy", str, {:content_type => :json, :accept => :json}

We created the non-admin user nancy with password seenow109. The above code implements in ruby code the security features explained here. Note that non-admins are authenticated with the same API call as admins.

To create a new database with the authenticated admin user:

RestClient.put 'http://127.0.0.1:5984/contacts', {:content_type => :json},{:cookies => {"AuthSession" => "b2tlOjRFQUJCNzE0OkXtpl9cxR_zbIxvlvW2J60txIwT"}}

We created a new database called contacts. This request was made by the user james, notice the AuthSession token in the request.

To add a security object to the contacts database:

security_hash = { :admins => {"names" => ["nancy"], "roles" => ["admin"]},
                   :readers => {"names" => ["nancy"],"roles"  => ["admin"]}
                  }
security = Yajl::Encoder.encode(security_hash)
 
response = RestClient.put 'http://127.0.0.1:5984/contacts/_security',security,{:cookies => {"AuthSession" => "b2tlOjRFQUJCNzE0OkXtpl9cxR_zbIxvlvW2J60txIwT"}}

The above example uses the yajl-ruby gem to encode the ruby hash to JSON.

To add a new document to the contacts database with the authenticated user session

data = { :name => 'sunny',
         :email => 'sunny@winter.com'
         }
 
 str = Yajl::Encoder.encode(data)
 
 RestClient.put "http://127.0.0.1:5984/contacts/sunny", str, {:cookies => {"AuthSession" => "b2tlOjRFQUJCNzE0OkXtpl9cxR_zbIxvlvW2J60txIwT"}}

We added a document with _id sunny to the contacts database. The above example also uses the yajl-ruby gem for json encoding.

I hope this was helpful. If you find any errors or have suggestions please let me know in the comments.

 
 

Best Video Game Trailer Ever: Dead Island

22 Oct

One problem I’ve always had with video games, is that they can’t connect with you emotionally, the way movies do. This game Dead Island maybe able to change that. Watch it’s trailer below;

It’s amazing how they told this very emotional story in 3 minutes. I’m not a gamer but I might try this game, even if it’s just to get back at those zombies for that little girl.

I hope the game lives up to expectations.

 
 

RIP Steve Jobs

06 Oct


I am going to miss Steve Jobs. He was like a modern day Walt Disney. Just a true innovator. Steve, you will be missed by this hacker and a billion others. Thank you for sharing your dreams with the world. Things will never be the same again.
Rest in peace great one.

 
No Comments

Posted in Business

 
 
Premium Wordpress Plugin