2009/7/10 Chris Anderson <[email protected]>: > I've just pushed some work based on Jason Davies' cookie-auth branch > to my github: > > http://github.com/jchris/couchdb/tree/jd-cookie-auth > > This consolidates login, logout, and whoami to a /_session resource > that supports POST, GET, and DELETE. > > One thing missing here is a /_utils/login.html interface that would > also handle creating new accounts. > > Another is a general consensus around how admins grant roles to new > users, set default roles, etc. > > Take a look at it and feel free to add patches. Tomorrow I plan to > move to an svn branch, but I'll merge any git patches that come along, > before moving to svn. > > Chris > > -- > Chris Anderson > http://jchrisa.net > http://couch.io >
I added to my fork the possibility to set timeout and _user handler we spoke this morning. _user handler handle 2 actions currently : - POST /_user It should receive a form with username, password, email and roles (multiple select). If user isn't an admin he can't set roles - PUT /_user/username A user is updated by sending a form to address above. Password is optionnal, if password is provided, it will be changed : * if username is like userCtx.name and user is not a server admin , he old_password form value should be set with value of old password.. * if user is an admin, password variable is enough and old password is always ignored. My branch is on github : http://github.com/benoitc/couchdb/commits/jd-cookie-auth - benoit
