aphelionz
commented
4 years ago Short answer: you want to create a custom Access Controller using https://github.com/orbitdb/orbit-db-access-controllers
Moving this to the Field Manual for the long answer :)
I am developing a chat app based on OrbitDB and IPFS. One issue I have encountered is authentication because I want for the users to be able to just use their login and password instead of copying over public and private keys between machines. One solution I came up with was include the user's orbit db key pair (encrypted using symmetric crypto) together with other info in the user's database that's read-only for everyone except the creator. Then when logging in my API would attempt to decrypt the key and if that succeeds I'd just use the key pair to get full access to the database (somehow replace OrbitDB's key pair with the one form the database). But I don't know if this won't create issues (like multiple clients having the same key pair) or if it's even possible