Authorizing User in couchbase sync gateway

#1

Authorizing User through code:

String url = “http://localhost:4984/sync_gateway/_user/GUEST”;
URL obj = new URL(url);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();

	con.setRequestMethod("POST");
            con.setRequestProperty("Content-Type", "application/json");


	String urlParameters = "{\"disabled\":\"false\", \"admin_channels\":[\"public\"]}";

	// Send post request
	con.setDoOutput(true);
	DataOutputStream wr = new DataOutputStream(con.getOutputStream());
	wr.writeBytes(urlParameters);
	wr.flush();
	wr.close();

after executing this is code getting response code : 405
and user is also not authorized.
kindly tell me is this a correct way for Authorizing Users?

#2

Hi,

you should get something like this in return “session_id”:“b638a363165e56aec1c9482e369faef63d1644f0”,“expires”:“2012-02-05T03:52:14.821962137-08:00”,“cookie_name”:“SyncGatewaySession”

1 session id is a must.

  1. use this String url = “http://localhost:4985/sync_gateway/_user/”;
    please remove guest

  2. Also name and password needs to be send as post data. i dont think you are sending these.

Thanks hope this helps
Arjun

#3

@zeeshan_niazi It looks like you’ve got a couple of problems here.

  1. Users can only be created via the Admin API (defaults to port 4985) - it looks like you’re trying to create the user via the public API (4984).
  2. The /_user/[username] API doesn’t accept POST - you need to use PUT in this case. If you want to use POST, you should use the /_user/ endpoint, and put the name in the body as “name”:“myname”.

Admittedly the documentation for the /_user/ API is a bit sparse (http://developer.couchbase.com/mobile/develop/references/sync-gateway/admin-rest-api/index.html) - I’ll file an issue to get that updated for clarity.

Thanks,
Adam

#4

One additional note - I’m assuming you’re trying to create a new user, based on the admin_channels property in your original request. If you’re actually just trying to authenticate an existing user, there are two options:

  1. If you’re trying to get a session for a user via the Admin API (as part of a custom auth implementation), you should do a POST to :4985/sync_gateway/_session, sending “name”:“myname” in the body.
  2. If you’re trying to authenticate over the public API using BASIC auth, you need to set the BASIC auth header in your request.

Thanks,
Adam

#5

Now I have tried following code. but its again showing response code : 400
I want to create new user, or tell me how can I authenticate Guest user. because I only want to run couchbase lite replication code, to replicate my couchbase lite data into couchbase server.

String url = “http://localhost:4985/sync_gateway/_user/”;

	URL obj = new URL(url);
	HttpURLConnection con = (HttpURLConnection) obj.openConnection();

	con.setRequestMethod("POST");
            con.setRequestProperty("Content-Type", "application/json");
            con.setRequestProperty("Accept", "application/json");

	String urlParameters = "{\"session_id\":\"b638a363165e56aec1c9482e369faef63d1644f0\",\"expires\":\"2016-02-05T03:52:14.821962137-08:00\",\"cookie_name\":\"SyncGatewaySession\",\"name\":\"niazi\",\"password\":\"niazi\",\"disabled\":\"false\"}";
	

	// Send post request
	con.setDoOutput(true);
	DataOutputStream wr = new DataOutputStream(con.getOutputStream());
	wr.writeBytes(urlParameters);
	wr.flush();
	wr.close();
#6

@zeeshan_niazi If you want to allow anonymous access (which is what using the GUEST user means), you just need to enable the GUEST user in your Sync Gateway config file, and give them access to the * channel so that they have access to all documents. To do this you just need to add the line
"users": { "GUEST": { "disabled": false, "admin_channels": ["*"] } }
to your Sync Gateway configuration file (see a full example config that defines GUEST here: https://github.com/couchbase/sync_gateway/blob/master/examples/basic-couchbase-bucket.json).

At that point you should be able to make requests against port 4984 without providing any user credentials.