- CouchDB and PHP Web Development Beginner’s Guide
- Tim Juravich
- 142字
- 2021-08-13 18:22:54
Time for action — anonymously accessing the _users database
Let's go through a quick exercise of calling a curl statement to the _users database to see why it's important to secure our data.
- Open Terminal.
- Run the following command, replacing
your_usernamewith the username of the server admin that you just created.curl localhost:5984/_users/org.couchdb.user:your_username | python -mjson.tool - Terminal will respond with something similar to:
{ "_id": "org.couchdb.user:your_username", "_rev": "1-b9af54a7cdc392c2c298591f0dcd81f3", "name": "your_username", "password_sha": "3bc7d6d86da6lfed6d4d82e1e4d1c3ca587aecc8", "roles": [], "salt": "9812acc4866acdec35c903f0cc072c1d", "type": "user" }
What just happened?
You used Terminal to create a curl request to read the document containing your server admin's data. The passwords in the database are encrypted, but it's possible that someone could still unencrypt the password or use the usernames of the users against them. With that in mind, let's secure the database so that only administrators can access this database.
推薦閱讀
- HTML5+CSS3+JavaScript從入門到精通:上冊(微課精編版·第2版)
- Unreal Engine Physics Essentials
- Java程序設計與開發
- React Native Cookbook
- PHP 編程從入門到實踐
- Python貝葉斯分析(第2版)
- 低代碼平臺開發實踐:基于React
- Windows Phone 7.5:Building Location-aware Applications
- 細說Python編程:從入門到科學計算
- Buildbox 2.x Game Development
- GitHub入門與實踐
- Mastering JavaScript Promises
- 虛擬現實:引領未來的人機交互革命
- Implementing Splunk(Second Edition)
- Appcelerator Titanium Smartphone App Development Cookbook