Using Cookie Authentication with CouchDB-Python
530 views
Skip to first unread message
shead....@gmail.com
Nov 29, 2010, 1:01:08 PM11/29/10
to CouchDB-Python
I've been using CouchDB-Python extensively to implement server-side
functionality using CouchDB external processes, and it works great,
many thanks! The only problem I'm having is that I'm not clear on how
to get CouchDB-Python to use cookie authentication. The optional
"session" parameter in the couchdb.Server() constructor seems like the
right idea, but I haven't seen any examples of how to use it ... could
someone give me a pointer?
Many thanks,
Tim Shead
functionality using CouchDB external processes, and it works great,
many thanks! The only problem I'm having is that I'm not clear on how
to get CouchDB-Python to use cookie authentication. The optional
"session" parameter in the couchdb.Server() constructor seems like the
right idea, but I haven't seen any examples of how to use it ... could
someone give me a pointer?
Many thanks,
Tim Shead
shead....@gmail.com
Nov 29, 2010, 4:16:50 PM11/29/10
to CouchDB-Python
The following seems to work, it would be good to know whether
"Server.resource" is an internal implementation detail or something I
can count on in the future:
request = # Incoming request object, as described by
http://wiki.apache.org/couchdb/ExternalProcesses
server = couchdb.Server("http://" + request["headers"]["Host"])
server.resource.headers["Cookie"] = request["headers"]["Cookie"] # Use
the client's authentication token for server-side processing
# Do stuff with the server here
Cheers,
Tim Shead
"Server.resource" is an internal implementation detail or something I
can count on in the future:
request = # Incoming request object, as described by
http://wiki.apache.org/couchdb/ExternalProcesses
server = couchdb.Server("http://" + request["headers"]["Host"])
server.resource.headers["Cookie"] = request["headers"]["Cookie"] # Use
the client's authentication token for server-side processing
# Do stuff with the server here
Cheers,
Tim Shead
Dirkjan Ochtman
Nov 29, 2010, 4:55:25 PM11/29/10
to couchdb...@googlegroups.com
Good to hear you figured it out. :) Server.resource is definitely part
of the public API, so while I won't promise it won't disappear or
change someday, something like it will always be available (I really
have no plans to muck with it, at all).
Cheers,
Dirkjan
Paul Okstad
Sep 15, 2011, 7:11:40 PM9/15/11
to couchdb...@googlegroups.com
For retrieving the cookie initially, this little code snippet works:
c = couchdb.Server()
code,message,data = c.resource.post('_session',headers={'Content-Type':'application/x-www-form-urlencoded'},body="name=URLENCODED_USERNAME&password=URLENCODED_PASSWORD")
message.get('Set-Cookie') # returns a string that needs parsing to get the 'AuthSession' value
c = couchdb.Server()
code,message,data = c.resource.post('_session',headers={'Content-Type':'application/x-www-form-urlencoded'},body="name=URLENCODED_USERNAME&password=URLENCODED_PASSWORD")
message.get('Set-Cookie') # returns a string that needs parsing to get the 'AuthSession' value
Michael Hines
Sep 2, 2014, 11:51:04 AM9/2/14
to couchdb...@googlegroups.com
A more complete example for googlers:
from couchdb import Server
s = Server("https://user:pass...@example.com:6984")
# Request the cookie: url encoded above and below, of course
# You have to put the credentials twice to get started with the first cookie
# Both in the Server() constructor as well as the _session POST body
code, message, obj = s.resource.post('_session',headers={'Content-Type' : 'application/x-www-form-urlencoded'}, body="name=user&password=password")
assert(code == 200)
# Now you have received a cookie, extract it
cookie = message["Set-Cookie"].split(";", 1)[0].strip()
# exit python and restart
# Request a server object, but without the username and password this time
s = Server("https://example.com:6984")
s.resource.headers["Cookie"] = cookie
# Yay, no password.
db = s["database"]
Optionally set the "persistent" cookie option on the server side to make the cookie last longer.
- Michael
from couchdb import Server
s = Server("https://user:pass...@example.com:6984")
# Request the cookie: url encoded above and below, of course
# You have to put the credentials twice to get started with the first cookie
# Both in the Server() constructor as well as the _session POST body
code, message, obj = s.resource.post('_session',headers={'Content-Type' : 'application/x-www-form-urlencoded'}, body="name=user&password=password")
assert(code == 200)
# Now you have received a cookie, extract it
cookie = message["Set-Cookie"].split(";", 1)[0].strip()
# exit python and restart
# Request a server object, but without the username and password this time
s = Server("https://example.com:6984")
s.resource.headers["Cookie"] = cookie
# Yay, no password.
db = s["database"]
Optionally set the "persistent" cookie option on the server side to make the cookie last longer.
- Michael
Reply all
Reply to author
Forward
0 new messages