OrientDB Security - Javascript
We are using OrientDB Server as our database for our mobile application.
Since we are using Javascript and REST Api to communicate between OrientDB and our Application, our username and password are not secure because any user can view the source and see all the credentials to access orientDB.
How are we going to deal with this situation? What can we protect our server from anonymous users?
Thank!
Any answer is greatly appreciated.
source to share
You can set a default username and password for the ORole reader, which will only read the database, they can't write anything until they register and log in. Once registered and logged in, their own password will be used instead of the default. At this point, you just need to configure the databases as "Restricted".
ORoles should allow you to configure users so that even if they see different records in the database, they can only delete their own records and not other authors. The database will be checked each time the command is received to see if the user is allowed to make this change. See "Recording Level" for details .
source to share