On Sun, Feb 7, 2010 at 1:21 AM, Brian Candler <b.cand...@pobox.com> wrote: > On Sat, Feb 06, 2010 at 05:31:29PM -0800, Chris Anderson wrote: >> I'd love to hear people's ideas about what schema to store the passwords in: >> >> maybe something like this in the _user doc: >> >> { >> credentials : { >> type : "bcrypt", >> whatever else >> } >> } > > Don't reinvent the wheel; do exactly what OpenLDAP does with userPassword. > > password: "plain" > password: "{CRYPT}$1$foo$bar" > password: "{SHA1}..." > password: "{SSHA1}...with salt..." > ... etc >
That doesn't sound bad at all. Scouting for implementations I found this Erlang LDAP project, but there's got to be more out there: http://code.google.com/p/erldir/ Is there a world-class LDAP server written in Erlang yet? Maybe just not open source? If we can't find an Erlang library, is there a spec we should look at while implementing? Chris -- Chris Anderson http://jchrisa.net http://couch.io