Update auth DB docs via the auth module Documents in the authentication DB were being updated directly from couch_httpd_auth via couch_db:update_doc/3. This meant that updates to documents with the authentication DB on the clustered interface (5984) would fail.
This commit makes the auth module responsible for the document update via a ?MODULE:update_doc/2 function and adds a function for couch_httpd_auth which proxies to couch_db:update_doc/3. COUCHDB-2452 Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/8c029964 Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/8c029964 Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/8c029964 Branch: refs/heads/2452-users-db-security-on-clustered-interface Commit: 8c0299645e5ec0ea72de71c795c83a9b06d7b590 Parents: 2f069c8 Author: Mike Wallace <[email protected]> Authored: Tue Nov 11 00:06:19 2014 +0000 Committer: Mike Wallace <[email protected]> Committed: Tue Nov 11 00:10:55 2014 +0000 ---------------------------------------------------------------------- src/couch_httpd_auth.erl | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/8c029964/src/couch_httpd_auth.erl ---------------------------------------------------------------------- diff --git a/src/couch_httpd_auth.erl b/src/couch_httpd_auth.erl index 752dd20..4c65b2a 100644 --- a/src/couch_httpd_auth.erl +++ b/src/couch_httpd_auth.erl @@ -20,6 +20,7 @@ -export([proxy_authentication_handler/1, proxy_authentification_handler/1]). -export([cookie_auth_header/2]). -export([handle_session_req/1, handle_session_req/2]). +-export([update_doc/2]). -import(couch_httpd, [header_value/2, send_json/2,send_json/4, send_method_not_allowed/2]). @@ -368,17 +369,20 @@ maybe_upgrade_password_hash(UserName, Password, UserProps, AuthModule) -> case {IsAdmin, couch_util:get_value(<<"password_scheme">>, UserProps, <<"simple">>)} of {false, <<"simple">>} -> DbName = ?l2b(config:get("couch_httpd_auth", "authentication_db", "_users")), - couch_util:with_db(DbName, fun(UserDb) -> - UserProps2 = proplists:delete(<<"password_sha">>, UserProps), - UserProps3 = [{<<"password">>, Password} | UserProps2], - NewUserDoc = couch_doc:from_json_obj({UserProps3}), - {ok, _NewRev} = couch_db:update_doc(UserDb, NewUserDoc, []), - AuthModule:get_user_creds(UserName) - end); + UserProps2 = proplists:delete(<<"password_sha">>, UserProps), + UserProps3 = [{<<"password">>, Password} | UserProps2], + NewUserDoc = couch_doc:from_json_obj({UserProps3}), + {ok, _NewRev} = AuthModule:update_doc(DbName, NewUserDoc), + AuthModule:get_user_creds(UserName); _ -> UserProps end. +update_doc(DbName, NewUserDoc) -> + couch_util:with_db(DbName, fun(UserDb) -> + couch_db:update_doc(UserDb, NewUserDoc, []) + end). + authenticate(Pass, UserProps) -> UserSalt = couch_util:get_value(<<"salt">>, UserProps, <<>>), {PasswordHash, ExpectedHash} =
