incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From J Chris Anderson <>
Subject Re: Issues while using couchdb http cookie auth
Date Thu, 05 Aug 2010 17:11:57 GMT

On Aug 5, 2010, at 7:11 AM, Mahendra M wrote:

> Hi,
> I was trying to setup and use couchdb http cookie auth. I could
> not find any "official" documentation for the same. A bit of searching around
> gave me these.
> 1. (seems new)
> 2. (2009)
> 3.
> My requirement is this.
> * Have one db with user related docs.
> * The key of the doc is the userid
> * The sha1 hashed password for each user is stored in his doc.
> * I want to issue cookies based on a userid and password posted to couchdb.

This is pretty much how the built-in auth works. Jan is working on a document here:

The other thing to do is just use the signup and login buttons on Futon to do the same thing.
Look in the lower right corner of http://localhost:5984/_utils/

I have code here that also does signup and login (using the jquery plugin that ships with

> Originally, I was trying on writing my own show function to do an
> auth. Then I saw
> that couchdb itself has support for doing this.
> The methods discussed in the above thread(s) are really good and I wanted to
> try it out. However, it is not working even after following both the examples.
> I keep getting an error
> {"error":"unauthorized","reason":"Name or password is incorrect."}
> The debug logs also don't give out much information.
> Looks like I have not set up things properly and the above docs are a bit
> confusing. Also, could not find anything on the couchdb wiki.
> So, I wanted to check if there is any other documentation on how to make
> use of http cookie auth.
> Or has anyone tried and got it working ?
> In link(1), it explains how to setup a single auth scheme for a couchdb node and
> making use of /_session to get a cookie.
> In link(2), it looks like adding _login and _logout handlers to each
> db. Does this
> mean that each db can have it's own user/password sets ? Also, what parameters
> must be passed to _login ? Also, this says that the "users" view
> values must have
> a member "password" whereas the previous link asks for a member "password_sha".
> Which is the correct approach to follow ? or are both valid ?
> I am a bit confused as of now :-)
> Regards,
> Mahendra

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message