Adding user sign up to your iOS app with Node.js and Couchbase Mobile

Base on Couchbase recommendation for custom authentication (Currently not using any OAuth, etc).
I have the following different set-ups, however I’m getting side-effects and overall not getting the session cookie, when set-up properly.

  1. Ideal setup (does not return session cookie):
    iOS App (Client-side) making POST request on port :3000/signup, gets routed by Node.js AppServer to port :4985 for request to CB Admin API endpoint /_user/ for creating a user. *Succeeds with 201.

Now, I have client-side sign in let’s say “user1” by POST request on port :3000/login, gets routed by appServer again to port :4985 for admin API endpoint /_session for authenticating a user. *Succeeds with 200. Does not return Cookie, or information in the response to use to attach to replication of sync-gateway.

Then, on subsequent request, username had to be valid, but “password” did not have to be and gets *Succeeds with 200 since “user1” session is active. Any valid username & password enter will replace current session.

NOTE: However, when I use Postman to make a direct post request to :4985 without going through the app server, a proper cookie session is returned with valid fields exactly as shown in cb documentations for Custom Authentication. However, this does not utilizes the app server, which is recommended.

  1. Non-Ideal uses public API, but gets cookie.

iOS App (Client-side) making POST request on port :3000/signup, gets routed by Node.js AppServer to port :4985 for request to CB Admin API endpoint /_user/ for creating a user. *Succeeds with 201.

Now, I have client-side sign in let’s say “user1” by POST request on port :4984/_session, *Succeeds with 200. returns Cookie, or information in the response to use to attach to replication of sync-gateway.

Then, on subsequent request, username & password did not have to be valid and gets *Succeeds with 200 since “user1” session is active. Any valid username & password enter will replace current session.