Veduz Backend
Minimal generic backend for UKUA etc.
REST-API – CORS + Basic Auth:
GET /db/$DB
– returns cbor[[key,version], ...]
?gte=...<=...&limit=...
?since=...
(exclusive since, cannot be combined with gte/lt)
GET /db/$DB/$KEY
ETag
= version
PUT /db/$DB/$KEY
– content must be cborIf-Match
version
POST /auth/otp
with cbor-data:{token, contact}
creates/sends a user/password (contact
is an email or sms-number).POST /auth/login
with cbor-data:{token, contact, password}
returns a cbor-object:{user, password}
JS-api:
mc.getv(db, key) -> {data, version}
mc.put(db, key, val, [version])
mc.findv(db, {gte, lt, limit, since}) -> [{key, version},...]
mc.get(db, key) -> val
mc.find({gte, lt, limit, since}) -> [key, key, ...]
mc.update(db, key, val => val)
Implementation details:
Table:
- id - int PRIMARY AUTO_INC
- db – int
- key – key (varchar 256)
- val – value (cbor)
- timestamp – ms-timestamp
- uid – who put this value
- INDEX (db, key)
- INDEX (db, timestamp)
Special dbs:
dbs
– db-id: 1,{_owner, access: {read, create, update, list}}
users
–{password, roles, contact, otp, otp_ttl, otp_attempts}
– internal, non-readableroles
-{_owner, users}
– also updates users roles
Special roles:
_guest
– any user_user
– any signed-in user_owner
-_owner
of object_admin
- has all permissions