hummm, i see. but i don't really like the idea of session cookies. i would like to have my client app ( mobile HTML5 ) to make the appropriate requests with the Token it got from my server only.
the this seems to be not feasible with the Sync-gateway ? Is that it ? because this would hinder me to deal with the channel based replication for Couchbase. Em terça-feira, 27 de maio de 2014 13h10min18s UTC-3, Jens Alfke escreveu: > > > On May 27, 2014, at 8:30 AM, salles pro <[email protected] <javascript:>> > wrote: > > i would like to have a Token based auth with Sync-gateway, like you have > done with facebook. > > > Facebook auth is complicated because auth credentials generated by one > server (Facebook’s) are being used to authenticate to a different server > (Sync Gateway), without there being any trust relationship between FB and > SG, and without the user having to trust SG with their FB password. Is that > the same kind of situation you’re in? > > I ask because if you control the server that authenticates the user, then > you don’t have to have a setup as complicated as the FB login. All you need > to do is have your app authenticate to your server, then your server makes > an admin API call to SG to generate a session cookie, then your server > sends that cookie back to the app to use with SG. > > —Jens > -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/912eafc7-6f5a-4372-be78-1f48a82b1816%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
