Hi! I'm +1 to see JWT auth support in CouchDB. The code will be need to pass review, IP clearance and else procedures, but the idea is good in anyway. -- ,,,^..^,,,
On Mon, Feb 22, 2016 at 11:59 PM, Darío Cravero <[email protected]> wrote: > Hi all, > > After today's discussion on Twitter with Jan around how to make > couch_jwt_auth <https://github.com/softapalvelin/couch_jwt_auth> plugin > work in couch -thanks Jan! :)- he suggested I ask > <https://twitter.com/janl/status/700710905420582912> if it might be of > interest to include this in core. Well, here it is :). > > What are your thoughts? I think it would be great to be able to ship with > this in couch itself so it's seamless to activate it. > > Furthermore, it would be amazing if an alternative to the POST handler in > the _session API > <https://github.com/apache/couchdb-couch/blob/master/src/couch_httpd_auth.erl#L287> > would > be able to return a JWT token instead of setting the AuthSession cookie. I > don't really know Erlang but I'll try to give this a go in the coming days. > In the meantime there's couchdb-jwt-auth-server > <https://github.com/BeneathTheInk/couchdb-jwt-auth-server> which works very > well and will do the trick. Needless to say having this integrated (be it > in core or as a plugin) with couch would be even more amazing as it would > remove one step. > > Cheers, > Darío
