(couchdb) branch main updated: Document upgrade_hash_on_auth

Thu, 12 Sep 2024 13:16:26 -0700 

This is an automated email from the ASF dual-hosted git repository.

vatamane pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/couchdb.git


The following commit(s) were added to refs/heads/main by this push:
     new 48eb3fb88 Document upgrade_hash_on_auth
48eb3fb88 is described below

commit 48eb3fb88dcf7adc0d2464a5a3b3bf624f22d7ae
Author: Nick Vatamaniuc <vatam...@apache.org>
AuthorDate: Thu Sep 12 16:02:53 2024 -0400

    Document upgrade_hash_on_auth
---
 src/docs/src/config/auth.rst  | 12 +++++++++++-
 src/docs/src/whatsnew/3.4.rst |  5 +++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/docs/src/config/auth.rst b/src/docs/src/config/auth.rst
index 665a4fb74..ca001d9e4 100644
--- a/src/docs/src/config/auth.rst
+++ b/src/docs/src/config/auth.rst
@@ -387,6 +387,16 @@ Authentication Configuration
             [chttpd_auth]
             x_auth_username = X-Auth-CouchDB-UserName
 
+    .. config:option:: upgrade_hash_on_auth :: Auto-upgrade user auth docs on 
next auth call
+
+        .. versionadded:: 3.4
+
+        Upgrade user auth docs during the next successful
+        authentication using the current password hashing settings. ::
+
+            [chttpd_auth]
+            upgrade_hash_on_auth = true
+
 .. config:section:: jwt_auth :: JWT Authentication
 
     .. config:option:: required_claims :: Mandatory claims in JWT tokens
@@ -396,7 +406,7 @@ Authentication Configuration
         is sent if any are missing. ::
 
             [jwt_auth]
-                required_claims = exp,iat
+            required_claims = exp,iat
 
     .. config:option:: roles_claim_name :: Optional CouchDB roles claim in JWT 
token \
         (deprecated)
diff --git a/src/docs/src/whatsnew/3.4.rst b/src/docs/src/whatsnew/3.4.rst
index 65e35d3c3..0e54d0531 100644
--- a/src/docs/src/whatsnew/3.4.rst
+++ b/src/docs/src/whatsnew/3.4.rst
@@ -115,6 +115,11 @@ Highlights
   Entries in the password hash cache are time-limited, unused entries are
   automatically deleted, and there is a capacity bound.
 
+  Existing hashed user doc entries will be automatically upgraded
+  during the next successful authentication. To disable auto-upgrading
+  set the ``[chttpd_auth] upgrade_hash_on_auth`` config setting to
+  ``false``.
+
 * :ghissue:`4512`: Mango: add keys-only covering indexes. Improves query
   response times for certain queries up to 10x at p(95).

Reply via email to