我尝试了很多配置,但未能通过这个Karma / Jasmine单元测试。我缺少什么想法?
运行CouchDb 1.6.1。 Jasmine单元测试在IntelliJ IDEA中运行。
describe("CouchDb Auth")
it("Test login", function (done) {
var auth = {
username: 'demo',
password: 'omed'
}
var url = 'http://127.0.0.1:5984/demo';
var ajaxOpts = {
headers: {
// 'Access-Control-Allow-Credentials': 'true',
'Authorization': 'Basic ' + window.btoa(auth.username + ':' + auth.password),
}
};
var db = new PouchDB(url, {skipSetup: true});
db.login(auth.username, auth.password, ajaxOpts)
.then(function(res) {
console.log(res);
done();
})
.catch(function(err) {
console.log(err);
done('Failed to login');
});
});
});
local.ini文件:Couch 1.6.1
[couchdb]
;max_document_size = 4294967296 ; bytes
uuid = 3fe8f6afb42b8fde93b8b66818b3476c
[httpd]
bind_address = 0.0.0.0
enable_cors = true
; Uncomment next line to trigger basic-auth popup on unauthorized requests.
WWW-Authenticate = Basic realm="administrator"
; WWW-Authenticate = Other realm="app"
[cors]
; You can’t set origins: * and credentials = true at the same time.
credentials = true
; List of origins separated by a comma, * means accept all
; Origins must include the scheme: http://example.com
origins = http://localhost:9876
; List of accepted headers separated by a comma
headers = accept, authorization, content-type, origin, referer, cache-control, x-requested-with, x-csrf-token
; List of accepted methods
methods = GET, PUT, POST, HEAD, DELETE
[couch_httpd_auth]
secret = somesecretstuff
require_valid_user = true
[log]
level = debug
[ssl]
;cert_file = /full/path/to/server_cert.pem
;key_file = /full/path/to/server_key.pem
;password = somepassword
; set to true to validate peer certificates
verify_ssl_certificates = false
; Path to file containing PEM encoded CA certificates (trusted
; certificates used for verifying a peer certificate). May be omitted if
; you do not want to verify the peer.
;cacert_file = /full/path/to/cacertf
; The verification fun (optional) if not specified, the default
; verification fun will be used.
;verify_fun = {Module, VerifyFun}
; maximum peer certificate depth
ssl_certificate_max_depth = 1
[vhosts]
[update_notification]
[admins]
;admin = mysecretpassword
; demo = omed
demo = -pbkdf2-606718f546624acae3a7ed561540352921281e7c,a1d619524376dfbd0f8f6547856d74eb,10
答案 0 :(得分:2)
pouchdb-authentication实际上设计为使用 cookie身份验证,而不是 HTTP身份验证(即Authorization标头)。调用db.login()应该足够好了,因为它会为你设置cookie。
如果您不确定为什么会失败,我建议您只在您自己的浏览器中运行pouchdb-authentication测试套件与您自己的CouchDB,因此您可以尝试确定问题是否在您的Nginx层,CouchDB配置中,你的pouchdb认证配置等。为此,它只是:
git clone https://github.com/nolanlawson/pouchdb-authentication.git
cd pouchdb-authentication
npm install
npm run dev
然后在浏览器中打开http://127.0.0.1:8002/test/index.html。它将尝试使用localhost进行身份验证:5984。
答案 1 :(得分:0)
HTTP身份验证
https://github.com/pouchdb/pouchdb/blob/master/src/adapters/http/index.js
if (opts.auth || host.auth) {
var nAuth = opts.auth || host.auth;
var token = btoa(nAuth.username + ':' + nAuth.password);
ajaxOpts.headers = ajaxOpts.headers || {};
ajaxOpts.headers.Authorization = 'Basic ' + token;
}
所以ajaxOpts应该是
var ajaxOpts = {
auth: {
username:'...',
password:'...'
}
};
使用phonegap,没有cookie。