If you don't mind, can you explain your idea in a bit more detail? I need ideas.
I appreciate the reference to the wiki page but it sure is a mess. I couldn't make heads nor tails out of it. Is there a page that spells out what auth handlers are provided and how they function? On Tue, Mar 1, 2011 at 11:02 PM, Martin Hilbig <[email protected]> wrote: > just a quick idea: how about a auth handler[1] which uses the cookie as > second passwd and creates a new one afterwards? > > have fun > martin > > [1]: http://wiki.apache.org/couchdb/Authentication_and_Authorization > > On 02.03.2011 06:51, Mark Hahn wrote: >> >> I would like to have the features of the cookie authorization built >> into couchdb with the _users table, but allow the user to stay logged >> in even after their browser is closed or the db is restarted. >> >> I could store the sha hash in a cookie and check it against their doc >> from _users, but after I've done that, how do I get them logged into >> couchdb with a token? The only way I can figure out how to do this is >> to store the user's password in the clear which defeats the whole >> point of storing the sha hashed password. Is there any way to log in >> a user to couchdb without using the clear password? >> > -- Mark Hahn Website Manager [email protected] 949-229-1012
