couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wordit Ltd <wordi...@googlemail.com>
Subject How to authenticate admin without revealing passwd
Date Thu, 04 Nov 2010 01:07:22 GMT
I'm creating a couchapp and need to ensure that only admin can change
a user's details.
Problem is, I need admin to login to do that. How do I prevent the
admin's passwd being seen?
It's javascript, so isn't the login visible to all?

e.g. I need to use login to be allowed to SaveDoc:
CouchDB.login("admin","secret");
...SaveDoc({json});

Somebody on the list just mentioned using an additional frontend app
to only allow admin to make changes. I don't understand what that
requires, or whether it is right for my situation.

Marcus

p.s. Finally making some progress with CouchDB. Thanks for all the
help on this list.

Mime
View raw message