Github user KlausTrainer commented on the pull request:
https://github.com/apache/couchdb/pull/152#discussion_r9861617
Leaving the function as it is would cause other tests (notably in
'share/www/script/test/cookie_auth.js') break because of update conflicts.
User docs would be upgraded on authentication and a subsequent update of the
respective user doc would fail with a 409 because of the new upgraded version.
Modifying existing tests to re-fetch user docs before updating them didn't seem
like a nice solution to me. That's why I took this approach here.
However, you're raising a good question about why the password crypto is
done on the client side at all here. I currently fail to see any good reason
for that.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. To do so, please top-post your response.
If your project does not have this feature enabled and wishes so, or if the
feature is enabled but not working, please contact infrastructure at
[email protected] or file a JIRA ticket with INFRA.
---
