I'm writing an emberjs app that uses couchdb as it's backend, and I want to give users the ability to edit some of their user info (their name and emails etc.). I've created a model like so:
App.Person = DS.Model.extend({
first_name: DS.attr(),
last_name: DS.attr(),
full_name: function() {
return this.get('first_name') + ' ' + this.get('last_name');
}.property('first_name', 'last_name')
});
App.User = App.Person.extend({
name: DS.attr('string'), // Actually their primary email.
customer: DS.belongsTo('customer', {async: true }),
teacher: DS.belongsTo('teacher', {async: true }),
roles: DS.attr(),
type: DS.attr()
});
and I'm using this couchdb adapter.
When save the model using this.currentModel.save(); the save works great, but all of these other properties of a couchdb _user just disappear since I haven't defined them in my model:
derived_key
iterations
password_scheme
salt
This makes it impossible for that user to log in. I know I could just define them on my model, but then they would all be pulled onto the browser, and since these are security essential pieces of information, that doesn't seem like a good idea.
Any ideas about how to get my needed behavior without exposing all of this sensitive information? Or is this information not as sensitive as I think because of good encryption algorithms?
Update
Couchdb it turns out doesn't support selective updating. You have to provide the entire object as it will appear in the most recent version, as shown by this SO question
