Kitura-CouchDB icon indicating copy to clipboard operation
Kitura-CouchDB copied to clipboard

Published 20 hours ago verified publisher icon Kitura

Authenticate using Cookies

Open Andrew-Lees11 opened this issue 6 years ago • 1 comments

Currently the CouchDBClient is created with a Username and password which is attached to every request using basic authentication.

It is more performant and safe to use cookies as described in the couchDB docs: http://docs.couchdb.org/en/stable/api/server/authn.html#cookie-authentication

We have a function for creating users and sessions however their is no ability to use the cookie from the session as authentication for requests.

If we added this feature then you could add authentication levels to users instead of everyone having the authorization level of the provided username and password.

Andrew-Lees11 avatar Nov 13 '18 12:11 Andrew-Lees11

As of 3.0.0 we have removed User databases. In the future we might like to reintroduce them in combination with cookies so you can have a user sign into CouchDB with a provided username and password instead of using the client credentials. If this was added we could also add support for _security to set users permission levels.

This is a relatively large chunk of work and unless users request this functionality we are not looking to implement this is the near future.

Andrew-Lees11 avatar Jan 28 '19 13:01 Andrew-Lees11