For pouchdb, it supports remote sync with a server-side DB.
http://pouchdb.com/guides/databases.html
However, for a multi-user app, it seems the client can simply change the database name to anything, and may even overwrite other users' data.
How to prevent this? Create a separate DB for each user?
"DB per user" is a pretty standard authentication model in CouchDB/PouchDB. (Don't worry - databases are cheap in CouchDB.) There are some examples of different recipes in the pouchdb-authentication README as well as a more complex example where multiple users partially share data amongst themselves.
