couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Anderson <jch...@apache.org>
Subject Re: authentication cleanup
Date Fri, 25 Dec 2009 22:50:40 GMT
On Thu, Dec 24, 2009 at 10:16 AM, Benoit Chesneau <bchesneau@gmail.com> wrote:
>>
>> I'm also thinking that the /_session handler should speak JSON
>> primarily (but I'll probably leave in the ability to handle
>> form-encoded request bodies as well).
>>
> We could just detect http headers and provide the needed response for
> that.  Keeping the form encoded would be good. It's already used in
> some applications.
>

I'm planning to remove the form-encoded handlers for creating and
updating users documents as the special API is being removed in favor
of having the users db be a plain-old-CouchDB-database. If we want to
have a built-in API for creating and updating user's documents using
form-encoded POSTs, we should generalize it to work against all
databases, not just the users database.

I do think we should keep the ability to login and logout via
form-encoded POSTs, as that is not a document API and thus can't be
wrapped in an _update handler for people who want applications to be
compatible with non-JSON capable clients.

Chris

-- 
Chris Anderson
http://jchrisa.net
http://couch.io

Mime
View raw message