Custom authentication through Google - user registration

RKing · April 21, 2015, 10:14am

I have nearly finished a very simple custom authentication web app which receives and checks a Google authentication token and once verified, attempts to create a new session for that user using the Sync Gateway admin REST interface. As expected, the user does not currently exist, so I am required to create that user before requesting the session again.

The problem that I have is through my testing using cURL it seems that Sync Gateway requires a password to be entered for the user. Although this actually makes total sense to me, in my scenario I am not in possession of the users password as authentication is being handled by Google. What are other peoples experience when using custom authentication, where you don’t necessarily want to handle passwords through Sync Gateway?

jamiltz · April 21, 2015, 10:55am

Hi @RKing,

As long as the user password is hard to guess it should be fine.
When creating a user via sync gateway, you can provide a random password.
And when creating the session on the admin port, the password can be omitted.

Here are two slides describing the authentication flow with Twitter’s login API: https://www.icloud.com/keynote/AwBUCAESEK0Jzi9QXaKd83AA--de9QMaKZeEjK6D5QIom4Enesskm3ubJHJL8Q-OhDVwabaLZmn-7mWAtOINv3hIMCUCAQEEIF2mGHWQhIr2RJS5xed0w9VCdNB-o8lln7PQxYPLM1CP#custom_authentication

James

Topic		Replies	Views
Sync Gateway: User Document with Custom Authentication Sync Gateway	2	1075	October 9, 2019
How to setup sync gateway authentication using google login Other	1	2741	December 3, 2013
Creating a user account with username and password from a mobile app Sync Gateway	1	584	September 4, 2022
Sync Gate way User Creation Sync Gateway	4	825	April 17, 2020
User authentication plugin for PouchDB work with Sync Gateway Sync Gateway	19	8982	July 27, 2020

Custom authentication through Google - user registration

Related topics