
Basic authentication with CouchDB

Tags: curl, couchdb

I am trying to figure out how to use basic authentication (i.e. http://test:test@localhost:5984/mydb) in CouchDB 1.3.1.

In the Futon:

  • I create a database mydb
  • I set up two users for it. In the Security tab: one member with read access ["test"] and one admin ["admin"]

Then I just test the connection.

Using curl:

curl -X GET http://localhost:5984/mydb

returns 401 unauthorized, that's good.

curl -X GET http://test:test@localhost:5984/mydb

returns 200, so everything works as expected using curl.

Using browser or $.ajax:

Both return 401 on the url http://test:test@localhost:5984/mydb.

So, questions:

  • What is the difference between using curl GET and using $.ajax GET (or a browser)?
  • Am I missing some configuration in CouchDB or somewhere else that allows this kind of authentication?

TMichel asked Sep 10 '13 19:09



2 Answers

It's called Cross Origin Resource Sharing. Basically, there's a limitation placed on the ajax calls a browser can make. It's a security feature that doesn't allow the browser to load resources from anywhere arbitrarily.

It seems like you would want to be able to do that; after all, a click loads an arbitrary resource. But if any old JavaScript program could load any other resources, there are a lot of ways that it could be hijacked to inject code or steal information.

curl gets around that by not being limited by CORS. It just makes any old request you'd like.

Additionally, you can start a session by querying localhost:5984/_session, at which point all of your following queries will be sent with a security token cookie. jQuery.couch is a nice basic resource for some common functions.

fet answered Sep 20 '22 08:09


You forgot to put the authentication information in the header. Try it!

    $(document).ready(function () {
        $.ajax({
            url: 'http://127.0.0.1:5984/mydb', // Your API URL
            type: 'GET', // type is any HTTP method
            xhrFields: {
                withCredentials: true
            },
            headers: {
                'Authorization': 'Basic ' + btoa('MyUser:MyPassWord')
            },
            success: function (response) {
                var resposta = response;
            },
            error: function (err) {
                var t = err.responseText;
                console.log("Erro de requisição: " + err.responseText);
            }
        });
    });

Source: https://zinoui.com/blog/ajax-basic-authentication

Carlos Fernando answered Sep 21 '22 08:09
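
The two approaches from the answers above, as an added example that is not part of the original posts: it moves credentials out of a `user:pass@host` URL into an `Authorization` header (the browser `fetch()` API refuses URLs that embed credentials) and builds the `POST /_session` cookie login. The helper names `base64Utf8`, `toAuthenticatedRequest` and `sessionLoginRequest` are hypothetical, and the returned objects are plain request descriptions to hand to `fetch()` or `$.ajax`.

```javascript
// Added example; helper names are hypothetical, not CouchDB or jQuery APIs.

// Base64-encode text as UTF-8 bytes. Plain btoa() throws on non-Latin-1 input.
function base64Utf8(text) {
  const bytes = new TextEncoder().encode(text);
  let binary = '';
  for (const b of bytes) binary += String.fromCharCode(b);
  if (typeof btoa === 'function') return btoa(binary);
  return Buffer.from(bytes).toString('base64'); // fallback for older Node
}

// Turn "http://user:pass@host/db" into a credential-free URL plus headers,
// so the secret never sits in the address bar, history or proxy logs.
function toAuthenticatedRequest(rawUrl) {
  const url = new URL(rawUrl);
  const headers = { Accept: 'application/json' };
  if (url.username !== '' || url.password !== '') {
    // The URL API keeps userinfo percent-encoded; decode it first.
    const user = decodeURIComponent(url.username);
    const pass = decodeURIComponent(url.password);
    if (user.includes(':')) throw new Error('user name must not contain ":"');
    headers.Authorization = 'Basic ' + base64Utf8(user + ':' + pass);
    url.username = '';
    url.password = '';
  }
  return { url: url.href, headers };
}

// Describe the cookie login against /_session on the same server.
function sessionLoginRequest(baseUrl, name, password) {
  return {
    url: new URL('/_session', baseUrl).href,
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: new URLSearchParams({ name, password }).toString(),
    credentials: 'include', // lets the browser keep and resend the AuthSession cookie
  };
}

// Constructed sample input, taken from the URL shape in the question.
const sample = toAuthenticatedRequest('http://test:test@localhost:5984/mydb');
console.log(sample.url, sample.headers.Authorization);
```

Basic credentials are only base64-encoded, so either request should go over HTTPS outside of local testing.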