couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Anderson <>
Subject auth polishing
Date Sun, 17 Jan 2010 09:15:01 GMT

I've been fine-tuning some of the auth stuff. I'm not done yet, but
this is a status update.

Conflicted user docs now can't be used to login. You must resolve the
conflict first.

I've also normalized some naming, like user docs to name/password
instead of "username" in some places.

The /_session response now returns something like:

  userCtx : {
    name : "",
    roles : ["_admin", "_replicator", "author"]
  info : {
    authentication_db : "_users",
    authenticated : ["cookie"],
    authentication_handlers : ["oauth", "cookie", "http_basic"]

I flirted with the idea of including the userDoc but I'll leave that
up to someone else to tackle.


* bcrypt (I think there are some JS implementations out there)
* security object (I think this will be a local doc that apps can
populate with the help of an admin.)


Chris Anderson

View raw message