couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Anderson <jch...@apache.org>
Subject auth polishing
Date Sun, 17 Jan 2010 09:15:01 GMT
Devs,

I've been fine-tuning some of the auth stuff. I'm not done yet, but
this is a status update.

Conflicted user docs now can't be used to login. You must resolve the
conflict first.

I've also normalized some naming, like user docs to name/password
instead of "username" in some places.

The /_session response now returns something like:

{
  userCtx : {
    name : "jchris@apache.org",
    roles : ["_admin", "_replicator", "author"]
  },
  info : {
    authentication_db : "_users",
    authenticated : ["cookie"],
    authentication_handlers : ["oauth", "cookie", "http_basic"]
  },
}

I flirted with the idea of including the userDoc but I'll leave that
up to someone else to tackle.

TODO:

* bcrypt (I think there are some JS implementations out there)
* security object (I think this will be a local doc that apps can
populate with the help of an admin.)

Chris

-- 
Chris Anderson
http://jchrisa.net
http://couch.io

Mime
View raw message