couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From KlausTrainer <...@git.apache.org>
Subject [GitHub] couchdb pull request: Upgrade password hashes on authentication
Date Wed, 19 Feb 2014 11:21:32 GMT
Github user KlausTrainer commented on the pull request:

    https://github.com/apache/couchdb/pull/152#discussion_r9861617
  
    Leaving the function as it is would cause other tests (notably in 'share/www/script/test/cookie_auth.js')
break because of update conflicts.  User docs would be upgraded on authentication and a subsequent
update of the respective user doc would fail with a 409 because of the new upgraded version.
 Modifying existing tests to re-fetch user docs before updating them didn't seem like a nice
solution to me.  That's why I took this approach here.
    
    However, you're raising a good question about why the password crypto is done on the client
side at all here.  I currently fail to see any good reason for that.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. To do so, please top-post your response.
If your project does not have this feature enabled and wishes so, or if the
feature is enabled but not working, please contact infrastructure at
infrastructure@apache.org or file a JIRA ticket with INFRA.
---

Mime
View raw message