Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication not work with pouchdb 7.2.1 #264

Open
slmarcos opened this issue Jul 5, 2020 · 7 comments
Open

Authentication not work with pouchdb 7.2.1 #264

slmarcos opened this issue Jul 5, 2020 · 7 comments

Comments

@slmarcos
Copy link

slmarcos commented Jul 5, 2020

Hello, I am trying to use authentication in pouchDb 7.2.1. The login is successful but when starting the synchronization I receive the following message: "You are not authorized to access this db".

I followed the steps described in the documentation. And I didn't find any configuration flaws.

Thanks.
@slmarcos slmarcos changed the title Authentication not work with pouchdb 7 Authentication not work with pouchdb 7.2.1 Jul 5, 2020
@SinanGabel
Copy link

If you are using couchdb 3.0 or later then see the previous Issue #263 for a solution.

@shaohli2021
Copy link

I'm currently having the same issue, did you end up finding out what the problem was?

@slmarcos
Copy link
Author

Hello @shaohli2021 , I didn't have the opportunity to test the @SinanGabel solution, I'm currently connecting using basic user and password authentication.

@amustapha
Copy link

I also faced this issue, however it turned out not to be a couchdb/pouchdb issue but a browser related problem.

PouchDB Authentication returns set-cookie header on successful authentication which isn't honored by newer browsers. Here's why: https://web.dev/samesite-cookies-explained/

In production, your app should would work if your CouchDB is hosted on the same root domain, e.g x.couch.com, y.couch.com. However if they're on entirely different domains, you might have to modify your request response headers. If it doesn't work in development mode, you can turn off the behavior on Google chrome by
Navigating to: chrome://flags/#same-site-by-default-cookies
Disable: "SameSite by default cookies" and "Enable removing SameSite=None cookies"

As of today, it google chrome is the only browser that has this implemented (version 80+)

@DrMarkEy DrMarkEy mentioned this issue Oct 25, 2020
Open
@SinanGabel
Copy link

PS samesite cookies, one can do the following:

(1) In couchdb local.ini configuration set:

[couch_httpd_auth]
same_site = None

(2) In your reverse proxy you will need to make a change too, for nginx web server one can add:

proxy_cookie_path / "/; HTTPOnly; Secure";

@komorebi-san
Copy link

I am using Google Chrome 90 and facing this issue. I have disable the "Enable removing SameSite=None cookies" but still it doesnt work..

@burotica49
Copy link

burotica49 commented Jan 17, 2022
edited

Hello,

I have the same problem with pouchDB authentication and VueJS.
Everything works fine except on Safari and iOS.

In couchdb local.ini configuration, i add:

[couch_httpd_auth]
same_site = None

this.remote.login returns me the correct information, but this.remote.getsession returns me an empty userCtx.

I tested with Axios, when I query the getsession userCtx empty

Best regard

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@SinanGabel @komorebi-san @amustapha @shaohli2021 @slmarcos @burotica49