just a quick idea: how about a auth handler[1] which uses the cookie as
second passwd and creates a new one afterwards?
have fun
martin
[1]: http://wiki.apache.org/couchdb/Authentication_and_Authorization
On 02.03.2011 06:51, Mark Hahn wrote:
I would like to have the features of the cookie authorization built
into couchdb with the _users table, but allow the user to stay logged
in even after their browser is closed or the db is restarted.
I could store the sha hash in a cookie and check it against their doc
from _users, but after I've done that, how do I get them logged into
couchdb with a token? The only way I can figure out how to do this is
to store the user's password in the clear which defeats the whole
point of storing the sha hashed password. Is there any way to log in
a user to couchdb without using the clear password?
