Couchbase Lite / PhoneGap _replicate with cookies authentication

[pierre houlle]

I followed the todo-lite phonegap demo 

I changed the method of identification with basic authentication, it works

JS :

var remote = {

url : 'http://user:pass...@xx.xx.xx.xx:4984/db'

},

    push = {

        source : "db",

        target : remote,

        continuous : true

    }, pull = {

        target : "db",

        source : remote,

        continuous : true

   };

Now I try to identify myself via a cookie that would be provided by a third party server that can query the API sync_gateway

I can simulate the app server like that : 

curl  -H "Content-Type: application/json" -X POST http://xx.xx.xx.xx:4985/db/_session --data "{\"name\":\"user\", \"ttl\":10000}"

the response is :

{"session_id":"5b6d5f1a5f9a655eb346a08c308b0a44dfaab7a7","expires":"2013-11-21T14:41:55.178257443Z","cookie_name":"SyncGatewaySession"}

Now I would like to know, if it's possible, how to send this cookie via my JS var remote or another var/property

Thanks

[Jens Alfke]

On Nov 21, 2013, at 6:45 AM, pierre houlle <pierr...@gmail.com> wrote:

> {"session_id":"5b6d5f1a5f9a655eb346a08c308b0a44dfaab7a7","expires":"2013-11-21T14:41:55.178257443Z","cookie_name":"SyncGatewaySession"}
>
> Now I would like to know, if it's possible, how to send this cookie via my JS var remote or another var/property

You’d add a property called “headers” to your ‘remote’ object. This lets you add extra HTTP headers to the requests the replicator sends. Add a Cookie header that will send the cookie whose name and value were specified:

var remote = {
url : 'http://user:pass...@xx.xx.xx.xx:4984/db',

headers: {Cookie: “SyncGatewaySession=5b6d5f1a5f9a655eb346a08c308b0a44dfaab7a7”}
},

There’s a bit of documentation at
http://wiki.apache.org/couchdb/Replication#Authentication

—Jens

[pierre houlle]

Thank you Jens;

But it doesn't work at time.

I used (without basic auth vars) :

var remote = { 
        url : 'http://xx.xx.xx.xx:4984/db', 

        headers: {Cookie: “SyncGatewaySession=5b6d5f1a5f9a655eb346a08c308b0a44dfaab7a7”} 
        }, 

And the sync gateway reply a  --> 401 Login required

I followed this instruction, restart couchbase, but nothing better, what's wrong ?

Please note that for cookie authentication to work, you need to enable thecookie_authentication_handler in your local.ini:

[httpd]
authentication_handlers = {couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_oauth, oauth_authentication_handler}, {couch_httpd_auth, default_authentication_handler}

In addition, you need to define a server secret:

[couch_httpd_auth]
secret = yours3cr37pr4s3

[J. Chris Anderson]

You might try enabling  -LogRemoteRequest or -LogSyncVerbose via http://docs.couchbase.com/couchbase-lite/cbl-ios/#logging

And this could help us see the actual client <-> server exchange.

Chris

[atom992]

Hi,I want to know that why I need add username/password and headers with cookies info both in remote to sync doc ? I think headers with Cookies is enough(Cookies info indicated username and password), why I need to add username and password in remote object?

[Jens Alfke]

On May 17, 2015, at 11:29 AM, atom992 <yangzi...@gmail.com> wrote:

Hi,I want to know that why I need add username/password and headers with cookies info both in remote to sync doc ? I think headers with Cookies is enough(Cookies info indicated username and password), why I need to add username and password in remote object?

You shouldn’t have to, as long as the cookie is a valid session generated by the Sync Gateway.

You can either authenticate with HTTP basic auth (where you provide username + password); or you can talk to your app server yourself and have it generate you a Sync Gateway session cookie, then authenticate with that cookie.

I don’t know what you mean by "Cookies info indicated username and password”. The Sync Gateway doesn’t recognize any cookie that contains a username or password. The session cookie just contains an opaque randomly-generated session ID.

—Jens