sensiblearts commented on issue #5343: URL: https://github.com/apache/couchdb/issues/5343#issuecomment-2504275558
@big-r81, I started with a fresh data folder and initialized the single node db with `http://127.0.0.1:5984/_utils/#setup`. Note that it is using the same local.ini file (with `chttpd_auth` settings: `secret`, `hash_algorithms` == `sha256, sha`). Next, I ran my (Elixir) code that was working before, to 1) create a user, 2) create the user's db, and 3) set security settings on the db. Again, I get `Unauthorized`.

The only thing that I can think of is that the couch **secret**, even though it is the same as it was, in the Fauxton settings, is not valid. Can you point me to link(s) to explain **how to reset the secret** and generate proper tokens for a per-user database? Below shows how I'm currently doing the token. (I changed the secret by adding it to [chttpd_auth] in local.ini, but I get the same result. Also, I thought couch was supposed to hash it and write it back to the ini file, but I see only what I originally typed in, no hash.)

How I'm using the token, in the code for the request headers:

```elixir
# Proxy-auth token: lowercase hex HMAC-SHA256 of the admin user name, keyed with the couch secret.
defp cb_token do
  couch_secret = Application.get_env(:njeco, :couch_secret)
  couch_admin = Application.get_env(:njeco, :couch_admin)

  :crypto.mac(:hmac, :sha256, couch_secret, couch_admin)
  |> Base.encode16
  |> String.downcase
end

# Request headers carrying the proxy-auth user name, roles and token.
defp headers do
  [
    {"Access-Control-Allow-Origin", "*"},
    {"Content-Type", "application/json"},
    {"X-Auth-CouchDB-UserName", Application.get_env(:njeco, :couch_admin)},
    {"X-Auth-CouchDB-Roles", "_admin"},
    {"X-Auth-CouchDB-Token", cb_token()},
    {"Accept", "Application/json; Charset=utf-8"}
  ]
end
```

And a snippet of the responses:

```
user create: status: 401, body: "{\"error\":\"unauthorized\",\"reason\":\"You are not authorized to access this db.\"}\n",
sec create: status: 401, body: "{\"error\":\"unauthorized\",\"reason\":\"You are not a server admin.\"}\n",
db create: status: 404, body: "{\"error\":\"not_found\",\"reason\":\"Database does not exist.\"}\n",
```
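Added example, not part of the comment above and not CouchDB's own code: an offline check of which configured algorithm, if any, a given `X-Auth-CouchDB-Token` value matches. It assumes the token is the lowercase hex HMAC of the user name keyed with `secret`, and that a token is accepted when it matches under any entry of `hash_algorithms`; the function names and sample values are constructed for illustration.

```python
import hashlib
import hmac

# Erlang digest names mapped to hashlib names ("sha" is SHA-1 in Erlang).
ERLANG_TO_HASHLIB = {"sha": "sha1", "sha224": "sha224", "sha256": "sha256",
                     "sha384": "sha384", "sha512": "sha512"}


def parse_hash_algorithms(ini_value):
    """Split a value such as 'sha256, sha' into known algorithm names, in order."""
    names = [n.strip() for n in ini_value.split(",") if n.strip()]
    unknown = [n for n in names if n not in ERLANG_TO_HASHLIB]
    if unknown:
        raise ValueError(f"unsupported hash algorithm(s): {unknown}")
    return names


def proxy_token(secret, username, algorithm):
    """Lowercase hex HMAC of the user name, keyed with the shared secret."""
    digest = ERLANG_TO_HASHLIB[algorithm]
    return hmac.new(secret.encode(), username.encode(), digest).hexdigest()


def matching_algorithm(secret, username, presented, ini_value):
    """Return the first configured algorithm whose token equals `presented`, else None."""
    for alg in parse_hash_algorithms(ini_value):
        expected = proxy_token(secret, username, alg)
        # Constant-time comparison, as any verifier of a MAC should use.
        if hmac.compare_digest(expected.encode(), presented.encode()):
            return alg
    return None


if __name__ == "__main__":
    # Constructed sample values, not taken from the issue.
    secret, user, algs = "example-secret", "admin", "sha256, sha"
    good = proxy_token(secret, user, "sha256")
    print("sha256 token ->", matching_algorithm(secret, user, good, algs))
    print("sha token    ->", matching_algorithm(secret, user, proxy_token(secret, user, "sha"), algs))
    print("sha512 token ->", matching_algorithm(secret, user, proxy_token(secret, user, "sha512"), algs))
    print("other secret ->", matching_algorithm("typed-in-ini", user, good, algs))
```

A `None` result for a token the client just sent means the client and the check disagree on the secret, the user name bytes, or the algorithm list.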
