couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Candler <B.Cand...@pobox.com>
Subject Re: JavaScript bcrypt (was Re: authentication cleanup)
Date Sun, 07 Feb 2010 09:21:53 GMT
On Sat, Feb 06, 2010 at 05:31:29PM -0800, Chris Anderson wrote:
> I'd love to hear people's ideas about what schema to store the passwords in:
> 
> maybe something like this in the _user doc:
> 
> {
> credentials : {
>   type : "bcrypt",
>   whatever else
> }
> }

Don't reinvent the wheel; do exactly what OpenLDAP does with userPassword.

password: "plain"
password: "{CRYPT}$1$foo$bar"
password: "{SHA1}..."
password: "{SSHA1}...with salt..."
... etc

Mime
View raw message