You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Best practices for hashing passwords is to use the highest number of iterations possible. In CouchDb, the recommended number of iterations is 10000, with this disclaimer:
A higher number provides better hash durability, but comes at a cost in performance for each request that requires authentication. When using hundreds of thousands of iterations, use session cookies, or the performance hit will be huge. Source
I've already developed a plugin that wraps pouchdb-adapter-http to add a call to _session and/or append the resulting AuthSession cookie header for outgoing requests: https://github.com/medic/pouchdb-session-authentication
I'm keen to work to include similar logic into the adapter directly.
Issue
Best practices for hashing passwords is to use the highest number of iterations possible. In CouchDb, the recommended number of iterations is 10000, with this disclaimer:
pouchdb-adapter-http
uses basic authentication exclusively.I'm proposing to update
pouchdb-adapter-http
so that it supports using session authentication, along with basic authentication.The text was updated successfully, but these errors were encountered: