At the time I wrote this I hadn’t hit that problem yet.
I have since however.
My solution is to use Firebase authentication as it’s a more complete solution.
I save authentication data in Firebase to allow access to CouchDB.
At this time I’ve only done it with one global username and password, but I’m sure more sophisticated solutions are possible.
I save the Couch auth data in the database so that if someone does gain access to the JS somehow I have no hard copy of the Auth data.
As for different data for different users, just save the Firebase user id inside of their personal Couch data documents.
Then when you run a query, start by filtering only documents that have that user’s id.
I believe this is a common pattern due to Couch’s 1 dimensional document storage.
So if you have something that would be in it’s own table in an RDBMS you would add a “table” field with the name of the table and filter it with a query.