couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "Session_API" by StephaneAlnet
Date Thu, 21 Apr 2011 15:27:47 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Session_API" page has been changed by StephaneAlnet.
The comment on this change is: Added session timeout timer value.
http://wiki.apache.org/couchdb/Session_API?action=diff&rev1=1&rev2=2

--------------------------------------------------

  === Log in ===
  
  To create a session (=log in), do a
+ {{{
    POST /_session
+ }}}
  with the following parameters:
+ {{{
    name=username
    password=password_for_the_user
- 
+ }}}
  The username is the "name" field of a user's record in CouchDB's _users database.
  
  There is an optional "next" parameter that can be used to force a redirection after CouchDB
processed a successful login.
  
  In case of success, the POST /_session command will return a JSON value:
+ {{{
    {
      "ok": true,
      "name": "username",
      "roles": ["role1","role2"]
    }
+ }}}
  which is similar to the user context (userCtx) parameter of some of the Javascript functions.
  
  In case of error, the POST /_session command will return a JSON value:
+ {{{
    {
      "error":"Name or password is incorrect."
    }
+ }}}
  
  Return values:
    200 OK (with Cookie)
@@ -37, +44 @@

  === Log out ===
  
  To delete the session, do a
+ {{{
    DELETE /_session
+ }}}
  which will remove the session cookie.
  
  An optional parameter "next" can be provided to redirect the browser.
@@ -49, +58 @@

  === Session information ===
  
  To retrieve the current session's information, do a
+ {{{
    GET /_session
+ }}}
  which will retrieve the session data (based on the session cookie).
  
  If the session is valid the GET method will return the same structure as provided by the
successful POST that started the session.
  
  If the session is not valid (not logged in, etc.) an exception will be thrown with an "unauthorized"
error.
  
+ === Session Timeout ===
+ 
+ The session timeout is specified by the "timeout" parameter in the "couch_httpd_auth" section
of configuration.
+ If not specified it defaults to 600 seconds (10 minutes).
+ 

Mime
View raw message