On Feb 11, 2013, at 19:34 , Jens Alfke <[email protected]> wrote: > > On Feb 9, 2013, at 7:10 AM, svilen <[email protected]> wrote: > >> well i know i can store the passwords, be it secure or not.. but i >> don't want to. i want to store cookies instead. Like a browser does. >> And start any replications by authenticating with those. >> can i do that? > > You don’t authenticate with cookies. Cookies are just a way to persist > session state between requests. The session itself has to be authenticated > using credentials: a username/password, or OAuth token, or BrowserID > assertion. > > In other words, the way you get a cookie in the first place is by posting a > credential to _session (or _browserid). So you have to have access to that > credential. Moreover, sessions expire — I believe the default expiration > interval in CouchDB is one day
10 Minutes :) Cheers Jan -- > — so you can’t just forget the credential after the first login, unless you > want to make the user retype the password every day (which is a good way to > lose users.) > > —Jens
