couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From svilen>
Subject Re: replication on touchdb and authentication
Date Sat, 09 Feb 2013 15:10:51 GMT
> > i'm trying to replicate a per-user database to/from touchdb on
> > mobile device
> What mobile platform?
both android and ios. maybe one day win8..

> > so i wanted to do cookie-based /_session authentication, but i
> > don't see where to put the cookie (eventually obtained by manualy
> > POSTing on server/_session). 
> This isn’t any different, from the app’s perspective; you still have
> to provide a username and password somehow, they’re just sent to the
> server slightly differently.
well i know i can store the passwords, be it secure or not.. but i
don't want to. i want to store cookies instead. Like a browser does.
And start any replications by authenticating with those.
can i do that?

> Recent builds of TouchDB (now aka Couchbase Lite) include support for
> the new BrowserID protocol, which is a single-sign-on system similar
> to OpenID that lets users log in with any working email address. Of
> course the server needs to support it too; IrisCouch’s servers
> already do, and they have a plugin for CouchDB on GitHub that you can
> add if you run your own server.
> There’s also OAuth, which TouchDB also supports. OAuth is an ugly
> mess IMHO and I would avoid it unless you’re really eager to provide
> logins via Facebook accounts.
All those single-sign-on things are good for something and not that good
for other.. maybe at later stage.

if i can use _session cookies, then it will only depend on server-side
login-wrapping-API for translating all the auth methods into couchdb
cookies. i want to take the authentication complexity away of

> BTW, the mobile-couchbase list is the best place to discuss
> TouchDB/Couchbase Lite specific issues:
okay next time i'll ask there 


View raw message