
For the admin user:

$ curl -X POST localhost:5984/_session -d "username=admin&password=admin"  
{"ok":true,"name":"admin","roles":["_admin"]}  
$ curl -vX GET localhost:5984/_session --cookie AuthSession=YWRtaW...  
{"ok":true,"userCtx":{"name":"admin","roles":["_admin"]},"info":{"authentication_db":"_users","authentication_handlers":["cookie","default"],"authenticated":"cookie"}}

But for a regular user:

$ curl -vX POST localhost:5984/_session -d "username=user&password=123"
{"ok":true,"name":"user","roles":["users"]}  
$  curl -vX GET localhost:5984/_session --cookie AuthSession=ZGlqbzo...  
{"ok":true,"userCtx":{"name":null,"roles":[]},"info":{"authentication_db":"_users","authentication_handlers":["cookie","default"]}}

The same thing happens when I make the request through an iron-ajax element or simply with an XMLHttpRequest from Chrome. What exactly am I doing wrong?

CouchDB version: 2.1.1
Configuration:

[chttpd]
  bind_address = 0.0.0.0
  port = 5984
  authentication_handlers = {couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, default_authentication_handler}
[httpd]
  enable_cors = true
[couch_httpd_auth]
  allow_persistent_cookies = true
  timeout = 60000
[cors]
  credentials = true
  origins = *
  headers = accept, authorization, content-type, origin, referer
  methods = GET, PUT, POST, HEAD, DELETE

2 Answers


The problem went away when I removed the following line from my local.ini:

authentication_handlers = {couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, default_authentication_handler}

because I was using the wrong handler: couch_httpd_auth in the chttpd configuration, when that handler was only written to be used with the original couch_httpd module.

Answered 2018-05-03T02:29:02.670

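I don't quite understand your problem, but this is how I authenticate with a cookie using curl as an admin user:

First, I run curl with the -v option to see the header fields: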

$ curl -k -v -X POST https://192.168.1.106:6984/_session -d 'username=jan&password=****'
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 192.168.1.106...
* Connected to 192.168.1.106 (192.168.1.106) port 6984 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 604 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*    server certificate verification SKIPPED
*    server certificate status verification SKIPPED
* error fetching CN from cert:The requested data were not available.
*    common name:  (does not match '192.168.1.106')
*    server certificate expiration date OK
*    server certificate activation date OK
*    certificate public key: RSA
*    certificate version: #3
*    subject: O=Tech Studio
*    start date: Sat, 31 Mar 2018 04:37:51 GMT
*    expire date: Tue, 30 Mar 2021 04:37:51 GMT
*    issuer: O=Tech Studio
*    compression: NULL
* ALPN, server did not agree to a protocol
> POST /_session HTTP/1.1
> Host: 192.168.1.106:6984
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Length: 25
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 25 out of 25 bytes
< HTTP/1.1 200 OK
< Set-Cookie: AuthSession=amFuOjVBRTk3MENGOuKAb68qYzf5jJ7bIOq72Jlfw-Qb; Version=1; Secure; Path=/; HttpOnly
< Server: CouchDB/2.1.1 (Erlang OTP/18)
< Date: Wed, 02 May 2018 08:03:27 GMT
< Content-Type: application/json
< Content-Length: 44
< Cache-Control: must-revalidate
< 
{"ok":true,"name":"jan","roles":["sample"]}
* Connection #0 to host 192.168.1.106 left intact

I see the cookie in the header fields above:

Set-Cookie: AuthSession=amFuOjVBRTk3MENGOuKAb68qYzf5jJ7bIOq72Jlfw-Qb; Version=1; Secure; Path=/; HttpOnly

I use the cookie above to authenticate as the admin user and fetch the user info of that same admin user, as follows:

$ curl -k -X GET https://192.168.1.106:6984/_users/org.couchdb.user:jan -H 'Cookie: AuthSession=amFuOjVBRTk3MENGOuKAb68qYzf5jJ7bIOq72Jlfw-Qb'
{"_id":"org.couchdb.user:jan","_rev":"3-f11b227a6e1236fa502af668fdbf326d","name":"jan","roles":["sample"],"type":"user","password_scheme":"pbkdf2","iterations":10,"derived_key":"a973123ebd9dbc2a543d477a506268b018e7aab4","salt":"0ef2111a894062b08ffd723fd34b6b75"}
Answered 2018-05-02T08:11:24.377
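
Added example, not part of either answer: the AuthSession value is unpadded base64url over name:hex-timestamp:MAC, so a cookie can be decoded offline to check which user it names and whether it is older than the [couch_httpd_auth] timeout. The function names are assumptions made for this example; the cookie value is the one from the Set-Cookie header above.

```python
import base64
from datetime import datetime, timedelta, timezone

# Cookie value copied from the Set-Cookie header in the answer above.
SAMPLE_COOKIE = "amFuOjVBRTk3MENGOuKAb68qYzf5jJ7bIOq72Jlfw-Qb"


def decode_auth_session(cookie):
    """Split an AuthSession cookie into user name, issue time and MAC."""
    # CouchDB emits base64url without padding; restore it before decoding.
    raw = base64.urlsafe_b64decode(cookie + "=" * (-len(cookie) % 4))
    # Layout: name ":" hex-timestamp ":" MAC bytes. The MAC is binary and
    # may itself contain ":", so split on the first two separators only.
    name, hex_ts, mac = raw.split(b":", 2)
    issued = datetime.fromtimestamp(int(hex_ts, 16), tz=timezone.utc)
    return {"name": name.decode("utf-8"), "issued": issued, "mac": mac}


def is_expired(session, timeout_seconds, now):
    """True once the cookie is older than the configured timeout."""
    return (now - session["issued"]).total_seconds() > timeout_seconds


if __name__ == "__main__":
    session = decode_auth_session(SAMPLE_COOKIE)
    print("name  :", session["name"])
    print("issued:", session["issued"].isoformat())
    # The MAC is keyed with the server's secret, so it can only be
    # verified by the server; here we just report its length.
    print("mac   :", len(session["mac"]), "bytes")
    # timeout = 60000 is the value from the question's configuration.
    now = datetime.now(timezone.utc)
    print("expired with timeout=60000:", is_expired(session, 60000, now))
```

The name and issue time are readable by anyone who holds the cookie; only the MAC protects them from modification, so the value should be treated as a bearer credential.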