couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Smith <...@iriscouch.com>
Subject Re: authentication behaviour
Date Mon, 31 Oct 2011 01:26:00 GMT
On Sun, Oct 30, 2011 at 5:43 PM, Johs Ensby <johs@b2w.com> wrote:
> Thanks for raising this question, Benoit!
>
> Having worked with CouchDB as an all-in-one solution for deploying small web sites and
couchapps, the authentication system is the main sources of irritation. How on earth do I
make this work?
> An example:
> - push the app to a publicly available db so you can serve an app with a login box
> - then get data ajax-style from the databases that you want to protect
> - oops, the timeout does not return a useful json, but redirects the user
> - ok, so lets alter the timeout redirect to a login page..
> - opps, what about my half-way completed form that i wanted to submit after logging in
again
> - ok, so make a "keep-alive" polling function to avoid timeout
> .. and so on..

And you're just getting started!

I am not confident that CouchDB can satisfy everybody's needs
correctly. Consider the "Accept" header. Just that one little feature
has produced a huge discussion, with no clear correct solution, and
not all users satisfied. And that is but a tiny component of a
well-made Couch app.

Therefore, I 100% agree with Benoit's reaction. Make couch simple.
Make couch predictable. Next, the community can build tooling for more
complex tasks.

-- 
Iris Couch

Mime
View raw message