> On Feb 13, 2015, at 2:11 AM, Constantine Kozak <[email protected]> wrote: > > I want to use a custom auth provider and create a session in SG by calling > POST /$DB/_session. But documentation says that I this request may return 404 > if a user doesn't exist in DB so I need to create it. When I try to create a > user calling PUT /$DB/_user/$id it requires a password but I don't want to > store a password in SG/CDB because I'll need to keep it with sync with a > password in an external auth system.
If you’re using custom auth and users won’t be authenticating directly with SG, then just set the password to a random string (should be at least 128 bits of entropy generated by a secure random number generator.) You don’t need to remember that password anywhere; the user’s never going to need it, and you don’t need it on the server side either. —Jens -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/C38E3ABD-05D1-4CA6-8A53-A7BF2B393085%40couchbase.com. For more options, visit https://groups.google.com/d/optout.
