On Feb 9, 2013, at 7:10 AM, svilen <[email protected]> wrote: > well i know i can store the passwords, be it secure or not.. but i > don't want to. i want to store cookies instead. Like a browser does. > And start any replications by authenticating with those. > can i do that?
You don’t authenticate with cookies. Cookies are just a way to persist session state between requests. The session itself has to be authenticated using credentials: a username/password, or OAuth token, or BrowserID assertion. In other words, the way you get a cookie in the first place is by posting a credential to _session (or _browserid). So you have to have access to that credential. Moreover, sessions expire — I believe the default expiration interval in CouchDB is one day — so you can’t just forget the credential after the first login, unless you want to make the user retype the password every day (which is a good way to lose users.) —Jens
