Thanks for this thread, it's super useful info. @snej As you mentioned here <https://github.com/couchbase/couchbase-lite-ios/issues/552#issuecomment-66814732>, if we are not using custom auth provided by Couchbase Lite then we need to handle cookie expiration. In the case of third-party oauth (for example Twitter login), when the replication expires, we must get a new Twitter token from the Twitter iOS SDK and pass this to the App Server to create a new session.
It would be interesting to know how this is handled in the case of Facebook OAuth with SG. When the SG token expires, is there an HTTP call to refresh it? In other words, if a cookie was set for more than 24 hours (the expiration time of SG cookies) how will it refresh the token when SG responds with 401? On Friday, 5 September 2014 11:51:47 UTC-7, Jens Alfke wrote: > > > On Sep 5, 2014, at 9:42 AM, Martin Palatnik <[email protected] > <javascript:>> wrote: > > I know that Chris created this example, > https://github.com/couchbaselabs/StreamFavorites/blob/master/server.js > where he does some not standard stuff to get Linkedin Login. > From what I understand he is creating a small server, which connects to > the admin and creates a session. That's what you are refering to Jens? > > > Yes. The SG docs describe how to do custom authentication by having the > client app send credentials to a server-side component you write that then > calls the SG admin API to generate a session cookie for the user. You can > do any kind of auth you want that way. > > —Jens > -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/8c3cec6f-2dd1-47da-a3de-be7bc347f6d2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
