couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From KlausTrainer <>
Subject [GitHub] couchdb pull request: Upgrade password hashes on authentication
Date Wed, 19 Feb 2014 11:21:32 GMT
Github user KlausTrainer commented on the pull request:
    Leaving the function as it is would cause other tests (notably in 'share/www/script/test/cookie_auth.js')
break because of update conflicts.  User docs would be upgraded on authentication and a subsequent
update of the respective user doc would fail with a 409 because of the new upgraded version.
 Modifying existing tests to re-fetch user docs before updating them didn't seem like a nice
solution to me.  That's why I took this approach here.
    However, you're raising a good question about why the password crypto is done on the client
side at all here.  I currently fail to see any good reason for that.

If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. To do so, please top-post your response.
If your project does not have this feature enabled and wishes so, or if the
feature is enabled but not working, please contact infrastructure at or file a JIRA ticket with INFRA.

View raw message