Veduz Backend

Minimal generic backend for UKUA etc.

REST-API – CORS + Basic Auth:

• GET /db/$DB – returns cbor [[key,version], ...]
  • ?gte=...&lt=...&limit=...
  • ?since=... (exclusive since, cannot be combined with gte/lt)
• GET /db/$DB/$KEY
  • ETag = version
• PUT /db/$DB/$KEY – content must be cbor
  • If-Match version
• POST /auth/otp with cbor-data: {token, contact} creates/sends a user/password (contact is an email or sms-number).
• POST /auth/login with cbor-data: {token, contact, password} returns a cbor-object: {user, password}

JS-api:

mc.getv(db, key) -> {data, version}
mc.put(db, key, val, [version])
mc.findv(db, {gte, lt, limit, since}) -> [{key, version},...]

mc.get(db, key) -> val
mc.find({gte, lt, limit, since}) -> [key, key, ...]
mc.update(db, key, val => val)

Implementation details:

Table:

• id - int PRIMARY AUTO_INC
• db – int
• key – key (varchar 256)
• val – value (cbor)
• timestamp – ms-timestamp
• uid – who put this value
• INDEX (db, key)
• INDEX (db, timestamp)

Special dbs:

• dbs – db-id: 1, {_owner, access: {read, create, update, list}}
• users – {password, roles, contact, otp, otp_ttl, otp_attempts} – internal, non-readable
• roles - {_owner, users} – also updates users roles

Special roles:

• _guest – any user
• _user – any signed-in user
• _owner - _owner of object
• _admin - has all permissions