Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cookie Based Authentication and CORS in v6.0.0 #240

Open
llunn opened this issue Mar 12, 2019 · 0 comments
Open

Cookie Based Authentication and CORS in v6.0.0 #240

llunn opened this issue Mar 12, 2019 · 0 comments

Comments

@llunn
Copy link

llunn commented Mar 12, 2019

More of an FYI than an issue that needs addressing. There is an issue of replicating to remote CouchDB using cookie based authentication.

PouchDB v7.0.0 inadvertently removed sending cookies by default on requests to CouchDB, which has already been patched. However, this patch has not made it into an npm release yet, so it is still affecting the pouchdb dependency of ember-pouch.

After digging a little, it seems that the only solution at this point is to use basic http authentication as indicated by @zeevl since pouchdb functions such as sync() and replicate() are affected.

Initiating replication is an obvious place where this is noticeable. A basic example to overcome the issue until pouchdb pushes a new release is below. Note that removing the auth option will produce a CORS error, regardless of any headers that one might choose to send in the options.

startReplication(username, password) {
    if (config.emberPouch.remoteDb) {
      this.set('remoteDb', new PouchDB(config.emberPouch.remoteDb,
        {
          // the line below is required due to a fixed bug that has not found
          // it's way into a release version of pouchdb that results in cookies
          // not being sent by pouchdb requests.

          // For more information:
          // https://github.com/pouchdb/pouchdb/issues/7390

          // Use Basic Authentication scheme for CouchDB instead of the Cookie based authentication.
          auth: { username, password}
       }
      ));

      this.get('db').sync(this.get('remoteDb'), { live: true, retry: true });
    } else {
      debug("No remote database is configured.  Skipping replication init.")
    }
  } 
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant