I am planning on using custom authentication using something similar to this example https://blog.couchbase.com/custom-authentication-with-couchbase-mobile/
I have a couple of user document related questions regarding storing the password .
Since all my sync gateway user sessions will be fetched using the admin API and I’ll be authenticating with my own custom provider, what is the point of storing password in the user document?
databases.foo_db.allow_empty_passwordoption make is so you can only authenticate through sync gateways admin API? or does it make it so users can authenticate through the public API without password?
What is the best practice if I never have a need to authenticate users through the sync gateway public API? Should I store their password from my custom authentication provider in the user document? Should I/ Can I disable the public _session endpoint? What do others do?