Not using email as the primary key with Mozilla Persona

Based on the feedback for my last post Mozilla Persona example app with Express and CouchDB I made some small but quite important changes in the architecture of my app.

Francois Marier suggested that we shouldn’t use our users’ email addresses as the primary key in our db. That’s also what Mozilla’s implementer’s guide is telling. So I took the code from my last post and refactored everything. Each user is now identified by a unique key and not anymore by his email address. You can find the current version of the example app at GitHub mozilla-persona-express-couchdb.

Using views to find users

In the first version of my app I used the email as the primary key. Getting a user from db was as simple as a GET request with the appropriate email address. Now that I don’t have the email as the primary key anymore and every user is stored under a random string, we have to use a simple CouchDB view.

"views": {
  "byEmail": {
    "map": "function(doc){
      if (doc.type === 'user') {
        emit(doc.email, doc)
      }
    }"
  }
}

Every user document looks like the following

{
   "_id": "3115b40189b7dfa4d007ff7fc8536af4",
   "_rev": "2-359ee1c1e888690c9c6468b55fa48fa7",
   "type": "user",
   "email": "mirco.zeiss@gmail.com",
   "username": "zeMirco"
}

Combined with the view from above gives us the following table, which we can query with the email as key.

Key Value
“test@mockmyid.com” {...}
“mirco.zeiss@gmail.com” {...}

Querying the view

In the first version of the app I used a simple GET request to retrieve the user object.

db.get(email, function(err, doc) {
  ...
})

I changed those lines as we have to query the view now.

db.view('users', 'byEmail', {key: email}, function(err, body) {
  ...
})

Unfortunately that means we can’t use the HEAD request to check for document existence. This is now done by checking the amout of rows we get back as an answer.

Let the user change his email address

With the new architecture in place users are able to change their email addresses as described in Mozilla’s Implementer’s Guide. I haven’t yet implemented this feature but will do so in the near future and write about my experiences. So stay tuned!

Google
comments powered by Disqus