Open martinhbramwell opened 6 years ago
@martinhbramwell The benefit of PouchDB Authentication is to be able to login/logout, but also sign up, create and manage users... In any case, this is a layer above PouchDB. You can do all of what PouchDB Authentication does with some HTTP calls. :)
Hi @ptitjes thank you for your super fast reply.
I was trying to get started with pouchdb-authentication
using the example code in the recipe Everybody has to be logged in to do anything. But I got 401 errors no matter what I tried.
I then saw issue #239 "PouchDb 7 : authentication doesn't work anymore" and realized that none of the fixes being discussed used pouchdb-authentication
at all! Wtf?
Is it possible your documentation needs to be reviewed in the light of recent changes?
Yes, the documentation needs some changes (in the example you used, the Basic Authentication header Authorization
in ajaxOpts
is now handled by PouchDB Authentication – see #204).
But also, I had no time to explore how the current version 1.1.3
works directly with PouchDB 7. But I started a PR (#238) to make it work with the new fetch APIs. I'm sorry that I'm late but I had no help since PouchDB 7 release. The PR seems to work (it works on node.js) however some of the test targets fail because I fail to correctly include the polyfills for fetch
and Promise
. If you know how to fix that please help.
I wish I could help, but I'm trying to learn Couch/Pouch for an already behind schedule project. :-(
To answer the question (as best as I can, after my digging around in the source code):
PouchDB 7 only supports HTTP Basic Auth. pouchdb-authentication implements cookie-based auth. So no, this library is not obsolete.
CouchDB docs say that cookie auth is more efficient than basic auth, but my hunch is that the difference would only be noticeable at scale.
Just checking - I'm guessing its not possible to use this plugin to enable offline auth to an app? - in other words if I use this, I must be online and able to reach at least one couchdb node?
@baradhili you are correct, this auth is for authenticating against other couchDB nodes. when offline, you can just create a DB and use it, no auth needed until you want to sync it.
I seem to able to control client access to CouchDB adequately using only PouchDB.
What added benefit would I get from using
pouchdb-authentication
?