couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Shorin <kxe...@gmail.com>
Subject Re: Thoughts on including couch_jwt_auth in core?
Date Mon, 22 Feb 2016 21:03:46 GMT
Hi!

I'm +1 to see JWT auth support in CouchDB.
The code will be need to pass review, IP clearance and else
procedures, but the idea is good in anyway.
--
,,,^..^,,,


On Mon, Feb 22, 2016 at 11:59 PM, Darío Cravero <dario@uxtemple.com> wrote:
> Hi all,
>
> After today's discussion on Twitter with Jan around how to make
> couch_jwt_auth <https://github.com/softapalvelin/couch_jwt_auth> plugin
> work in couch -thanks Jan! :)- he suggested I ask
> <https://twitter.com/janl/status/700710905420582912> if it might be of
> interest to include this in core. Well, here it is :).
>
> What are your thoughts? I think it would be great to be able to ship with
> this in couch itself so it's seamless to activate it.
>
> Furthermore, it would be amazing if an alternative to the POST handler in
> the _session API
> <https://github.com/apache/couchdb-couch/blob/master/src/couch_httpd_auth.erl#L287>
> would
> be able to return a JWT token instead of setting the AuthSession cookie. I
> don't really know Erlang but I'll try to give this a go in the coming days.
> In the meantime there's couchdb-jwt-auth-server
> <https://github.com/BeneathTheInk/couchdb-jwt-auth-server> which works very
> well and will do the trick. Needless to say having this integrated (be it
> in core or as a plugin) with couch would be even more amazing as it would
> remove one step.
>
> Cheers,
> Darío

Mime
View raw message