- CouchDB and PHP Web Development Beginner’s Guide
- Tim Juravich
- 142字
- 2021-08-13 18:22:54
Time for action — anonymously accessing the _users database
Let's go through a quick exercise of calling a curl statement to the _users database to see why it's important to secure our data.
- Open Terminal.
- Run the following command, replacing
your_usernamewith the username of the server admin that you just created.curl localhost:5984/_users/org.couchdb.user:your_username | python -mjson.tool - Terminal will respond with something similar to:
{ "_id": "org.couchdb.user:your_username", "_rev": "1-b9af54a7cdc392c2c298591f0dcd81f3", "name": "your_username", "password_sha": "3bc7d6d86da6lfed6d4d82e1e4d1c3ca587aecc8", "roles": [], "salt": "9812acc4866acdec35c903f0cc072c1d", "type": "user" }
What just happened?
You used Terminal to create a curl request to read the document containing your server admin's data. The passwords in the database are encrypted, but it's possible that someone could still unencrypt the password or use the usernames of the users against them. With that in mind, let's secure the database so that only administrators can access this database.
推薦閱讀
- Learning Scala Programming
- UNIX編程藝術
- Visual C++程序設計教程
- 零基礎玩轉區塊鏈
- 算法基礎:打開程序設計之門
- Vue.js快跑:構建觸手可及的高性能Web應用
- Mastering Kotlin
- Learning Python Design Patterns(Second Edition)
- CouchDB and PHP Web Development Beginner’s Guide
- 零基礎輕松學SQL Server 2016
- 程序是怎樣跑起來的(第3版)
- ExtJS高級程序設計
- 從零開始學C語言
- Serverless Web Applications with React and Firebase
- FFmpeg開發實戰:從零基礎到短視頻上線