Very interesting post.

At the time I wrote this I hadn’t hit that problem yet.
I have since however.

My solution is to use Firebase authentication as it’s a more complete solution.
I save authentication data in Firebase to allow access to CouchDB.
At this time I’ve only done it with one global username and password, but I’m sure more sophisticated solutions are possible.
I save the Couch auth data in the database so that if someone does gain access to the JS somehow I have no hard copy of the Auth data.

As for different data for different users, just save the Firebase user id inside of their personal Couch data documents.
Then when you run a query, start by filtering only documents that have that user’s id.

I believe this is a common pattern due to Couch’s 1 dimensional document storage.
So if you have something that would be in it’s own table in an RDBMS you would add a “table” field with the name of the table and filter it with a query.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.