I have to admit that I'm pretty new to this topic, and especially new to Erlang. I'm currently trying to play around with various authentication handlers - the goal is to have working "delegated authentication" on Facebook, Twitter, etc.
- As I understand it, the OAuth CouchDB implementation is just the opposite of what I need. You can use this to create tokens for puppet users, but not to accept accessTokens / secrets from Twitter and map them to the couch.
- I found exactly what I need in datacouch - authentication against Twitter with Node.js, and after that getting the plaintext password from the private couch and using it with the _session API to create a cookie.
Now I am trying to avoid storing clear text passwords. I heard how to use proxy_authentification_handler, but it seems like I'm too inexperienced or even too stupid to use it. I made (as I understand it) the correct entries in couch_httpd_auth:

    [couch_httpd_auth]
    auth_cache_size = 50
    authentication_db = _users
    authentication_redirect = /_utils/session.html
    require_valid_user = false
    proxy_use_secret = false
    secret = xxxxxxxxxxxx
    timeout = 43200
    x_auth_roles = roles
    x_auth_token = token
    x_auth_username = uname

as well as in the httpd section:

    [httpd]
    allow_jsonp = true
    authentication_handlers = {couch_httpd_auth, proxy_authentification_handler},{couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, default_authentication_handler}
    bind_address = 127.0.0.1
    default_handler = {couch_httpd_db, handle_request}
    port = 5984
    secure_rewrites = false
    vhost_global_handlers = _utils, _uuids, _session, _oauth, _users

As mentioned in the docs comments, I set proxy_use_secret to false (for the first steps) to allow authentication without an access token.
When I now do a GET on http://localhost:5984/_utils/config.html?uname=user1&roles=user, it seems to have no effect ...
Has anyone ever received this thing? Am I missing something? Or is it possible to implement a custom authentication handler without Erlang encoding?
Many thanks for your help
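
Added example, not part of the original post and not CouchDB's own code: the proxy handler reads the HTTP request headers named by `x_auth_username`, `x_auth_roles` and `x_auth_token`, and with `proxy_use_secret = true` it expects the token to be the hex HMAC-SHA1 of the username keyed with `secret`. The Node.js code below builds those headers on the trusted proxy side and models the check; `proxyAuthToken`, `proxyAuthHeaders`, `modelProxyCheck` and the secret value are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Header names and flags mirror the [couch_httpd_auth] values in the post.
// The secret is a constructed placeholder, not a real key.
const cfg = {
  x_auth_username: "uname",
  x_auth_roles: "roles",
  x_auth_token: "token",
  secret: "constructed-demo-secret",
  proxy_use_secret: true, // the post sets this to false for first steps
};

// Token = hex HMAC-SHA1 of the username, keyed with the shared secret.
function proxyAuthToken(secret, username) {
  return crypto.createHmac("sha1", secret).update(username).digest("hex");
}

// What the trusted proxy attaches after it has verified the user itself
// (for example after a Twitter login). These are HTTP headers, not query
// parameters.
function proxyAuthHeaders(cfg, username, roles) {
  return {
    [cfg.x_auth_username]: username,
    [cfg.x_auth_roles]: roles.join(","),
    [cfg.x_auth_token]: proxyAuthToken(cfg.secret, username),
  };
}

// Simplified model of the server-side decision (assumption: illustrative
// only, not CouchDB source). Returns a user context, or null when the
// request is rejected or the handler does not apply.
function modelProxyCheck(cfg, headers) {
  const name = headers[cfg.x_auth_username];
  if (name === undefined) return null; // no username header present
  const roles = (headers[cfg.x_auth_roles] || "").split(",").filter(Boolean);
  if (!cfg.proxy_use_secret) return { name, roles }; // any caller is believed
  const expected = Buffer.from(proxyAuthToken(cfg.secret, name));
  const got = Buffer.from(String(headers[cfg.x_auth_token] || ""));
  const ok = got.length === expected.length && crypto.timingSafeEqual(got, expected);
  return ok ? { name, roles } : null;
}
```

With `proxy_use_secret = false`, as in the configuration above, any client that can reach port 5984 directly is taken at its word for the username and roles it sends, so that setting is only safe while CouchDB is reachable solely through the proxy.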