Hi guys,
I have to admit that i am fairly new to this topic, especially new to erlang.
Currently i am trying to play around with the various authentication handlers -
goal is to have a working "delegated authentication" on facebook, twitter and
such.
1) as far as i understood the oAuth implementation of couchdb is just the
opposite i need - you can use that to create tokens for couch-users, but not to
accept twitter accessTokens/secrets and map that to a couch user
2) i found exactly what i need in datacouch - authentication against twitter
with nodejs, and after that getting the plaintext password from a private couch
and use it with _session-API to create a couch cookie.
3) i modified the sample a little bit and used everyauth to handle the
delegated authentication. I map the userinfos i get from facebook etc. against
user profiles in a private db, which also contains the user passwords
(unfortunately still in plaintext). Works perfectly, but.....
Now i am trying to avoid storing the plaintext passwords. I heard about to use
proxy_authentification_handler, but it seems i am too stupid to use it. I made
the (as far as i understood) correct entries in couch_httpd_auth
couch_httpd_auth auth_cache_size
50
x
authentication_db
_users
x
authentication_redirect
/_utils/session.html
x
require_valid_user
false
x
secret
xxxxxxxxxxxx
x
timeout
43200
x
x_auth_roles
roles
x
x_auth_token
token
x
x_auth_username
uname
and also in httpd
httpd allow_jsonp
true
x
authentication_handlers
{couch_httpd_auth, proxy_authentification_handler},{couch_httpd_auth,
cookie_authentication_handler}, {couch_httpd_auth,
default_authentication_handler}
x
bind_address
127.0.0.1
x
default_handler
{couch_httpd_db, handle_request}
x
port
5984
x
secure_rewrites
false
x
vhost_global_handlers
_utils, _uuids, _session, _oauth, _users
When i now do a GET on
http://localhost:5984/_utils/config.html?uname=user1&roles=user that seems to
doesn't lead to anything...
Anybody ever got that thing running? Am i missing something? Or is there any
chance to implement a custom authentication handler without coding erlang?
Thanks for your help
Michael
