Welcome to CouchDB Download Token Service’s documentation!¶

Contents:

CouchDB Download Token Service¶

Simple web service that allows downloading CouchDB document attachments with a per-document download token.

This project was created with the objetive of provide GET URLs for CouchDB document attachments without having specify the couch username and password in the URL itself or in the request headers.

The method I found to do this worrying about permissions is assigning each document a secret download_token field to each document that will have to match when doing requests to this service.

The service needs to have admin user credentials so it can query all document’s attachments and decide which clients give then. To do this you have to set a COUCHDB_URL environment variable of format http://admin_user:password@server_domain:5984. By default it uses localhost with no user credentials.

Free software: GNU General Public License v3
Documentation: https://couchdb-download-token.readthedocs.io.

Example usage¶

$ pip3 install couchdb_download_token
$ pip3 install gunicorn
$ gunicorn couchdb_download_token:api
[2016-07-12 23:33:28 -0300] [7880] [INFO] Starting gunicorn 19.6.0
[2016-07-12 23:33:28 -0300] [7880] [INFO] Listening at: http://127.0.0.1:8000 (7880)
[2016-07-12 23:33:28 -0300] [7880] [INFO] Using worker: sync
[2016-07-12 23:33:28 -0300] [7884] [INFO] Booting worker with pid: 7884
$ curl http://localhost:5984/my_database/my_document
{
    "_id": "my_document",
    "_rev": "4-763e041701ae3e55fd4af08dff93efc4",
    "info": "test document",
    "download_token": "123456",
    "_attachments": {
        "file.txt": {
            "content_type": "text/plain",
            "revpos": 2,
            "digest": "md5-U0f+Rrm7WPnsUGK3oD8t8g==",
            "length": 100,
            "stub": true
        }
    }
}
$ curl http://localhost:8000/my_database/my_document/file.txt?token=incorrect
...
< HTTP/1.1 403 Forbidden
< Server: gunicorn/19.6.0
...
$ curl http://localhost:8000/my_database/my_document/file.txt?token=123456
...
< HTTP/1.1 200 OK
< Server: gunicorn/19.6.0
< Date: Wed, 13 Jul 2016 03:02:07 GMT
< Connection: close
< Transfer-Encoding: chunked
< content-type: text/plain
File contents

Credits¶

This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.

Installation¶

You should be using Python 3 to ensure all features are working OK. Python 2 is not fully tested.

Stable release¶

To install CouchDB Download Token Service, run this command in your terminal:

$ pip install couchdb_download_token

This is the preferred method to install CouchDB Download Token Service, as it will always install the most recent stable release.

If you don’t have pip installed, this Python installation guide can guide you through the process.

From sources¶

The sources for CouchDB Download Token Service can be downloaded from the Github repo.

You can either clone the public repository:

$ git clone git://github.com/sh4r3m4n/couchdb_download_token

Or download the tarball:

$ curl  -OL https://github.com/sh4r3m4n/couchdb_download_token/tarball/master

Once you have a copy of the source, you can install it with:

$ python setup.py install

Configuration¶

You can set this environment variables in order to configure the web service:

COUCHDB_URL: URL of the CouchDB Server in format http://user:password@server_url:port.

Should have administrator credentials to access all the attachments and decide which users serve them to.

DOWNLOAD_TOKEN_KEY_NAME: Name of the field containing the downlad token of the

document. By default it is download_token. If it has dots, the lookup will be nested. For example, if its value is “data.token” the service will get the document token from document[‘data’][‘token’]. This is useful for using PouchDB which saves the document’s data inside a “data” key.

Usage¶

Run the server¶

To start the server, first install the package as described in the installation page. The API can run in any WSGI server, like Gunicorn:

$ pip install gunicorn
$ gunicorn couchdb_download_token:api
[2016-07-12 23:33:28 -0300] [7880] [INFO] Starting gunicorn 19.6.0
[2016-07-12 23:33:28 -0300] [7880] [INFO] Listening at: http://127.0.0.1:8000 (7880)
[2016-07-12 23:33:28 -0300] [7880] [INFO] Using worker: sync
[2016-07-12 23:33:28 -0300] [7884] [INFO] Booting worker with pid: 7884

Web API Usage¶

GET /(str: database_name)/(str: document_id)/(str: attachment_filename)¶

Download the attachment attachment_filename of the document with id document_id in database database_name if download token matches.

Query Parameters:
	token – download token of the document
Response Headers:
	Content-Type – The content type that specified in the document’s attachment metadata
Status Codes:	200 OK – No error, permission granted 403 Forbidden – Download token mismatch, permission dennied. If there is no token in the document or if it is null a 403 error will be raised too. 404 Not Found – Attachment not found. Only raised if the token is valid.

Contributing¶

Contributions are welcome, and they are greatly appreciated! Every little bit helps, and credit will always be given.

You can contribute in many ways:

Types of Contributions¶

Report Bugs¶

Report bugs at https://github.com/sh4r3m4n/couchdb_download_token/issues.

If you are reporting a bug, please include:

Your operating system name and version.
Any details about your local setup that might be helpful in troubleshooting.
Detailed steps to reproduce the bug.

Fix Bugs¶

Look through the GitHub issues for bugs. Anything tagged with “bug” and “help wanted” is open to whoever wants to implement it.

Implement Features¶

Look through the GitHub issues for features. Anything tagged with “enhancement” and “help wanted” is open to whoever wants to implement it.

Write Documentation¶

CouchDB Download Token Service could always use more documentation, whether as part of the official CouchDB Download Token Service docs, in docstrings, or even on the web in blog posts, articles, and such.

Submit Feedback¶

The best way to send feedback is to file an issue at https://github.com/sh4r3m4n/couchdb_download_token/issues.

If you are proposing a feature:

Explain in detail how it would work.
Keep the scope as narrow as possible, to make it easier to implement.
Remember that this is a volunteer-driven project, and that contributions are welcome :)

Get Started!¶

Ready to contribute? Here’s how to set up couchdb_download_token for local development.

Fork the couchdb_download_token repo on GitHub.

Clone your fork locally:

$ git clone git@github.com:your_name_here/couchdb_download_token.git

Install your local copy into a virtualenv. Assuming you have virtualenvwrapper installed, this is how you set up your fork for local development:
```
$ mkvirtualenv couchdb_download_token
$ cd couchdb_download_token/
$ python setup.py develop
```
Create a branch for local development:
```
$ git checkout -b name-of-your-bugfix-or-feature
```
Now you can make your changes locally.
When you’re done making changes, check that your changes pass flake8 and the tests, including testing other Python versions with tox:
```
$ flake8 couchdb_download_token tests
$ python setup.py test or py.test
$ tox
```
To get flake8 and tox, just pip install them into your virtualenv.

Commit your changes and push your branch to GitHub:

$ git add .
$ git commit -m "Your detailed description of your changes."
$ git push origin name-of-your-bugfix-or-feature

Submit a pull request through the GitHub website.

Pull Request Guidelines¶

Before you submit a pull request, check that it meets these guidelines:

The pull request should include tests.
If the pull request adds functionality, the docs should be updated. Put your new functionality into a function with a docstring, and add the feature to the list in README.rst.
The pull request should work for Python 3.3, 3.4 and 3.5, and for PyPy. Check https://travis-ci.org/sh4r3m4n/couchdb_download_token/pull_requests and make sure that the tests pass for all supported Python versions.

Tips¶

To run a subset of tests:

$ python -m unittest tests.test_couchdb_download_token