Access Control in MongoDB

Lets say an application is written purely using JavaScript with node.js that connects directly to the MongoDB backend.

In this scenario is it possible to have a secure application whe开发者_开发问答re users login and have privilege separation like administrative/user/guest. If so how does this work? What would it require?

Node.js has some modules for various authentication methods, connect-auth looks like a good place to start. You could then map your authenticated node.js credentials to a MongoDB database user when connecting to the database.

Security in MongoDB is currently fairly basic, user permissions restrict access per database and can be either read/write or read-only, so you might use a database per user.

CouchDB has a concept of users and authentication.

Take a look at the _users database documentation

I have some code that talks to _users