Check out my previous posts on this topic here: 1, 2
I currently have an AngularJS app with two controllers. The first one interacts with CouchDB documents, while the second handles sign-in requests to example.com/demo/_session.
Upon opening the application, I encounter an issue where I am unable to edit CouchDB data in the first controller because certain actions are restricted to logged-in users only. In the second controller, a simple POST request using $http is made to obtain an Http-only auth cookie called AuthSession. This cookie should be bound to the CouchDB address and ideally any request from the page to the CouchDB address should include this cookie.
However, this is not happening as expected. No calls are being made to CouchDB, except for those to /_session that come with the AuthSession cookie. For example, example.com/demo/_session works with AuthSession, but example.com/demo/records does not.
You can view screenshots of the issue here: https://i.sstatic.net/pSrKO.png https://i.sstatic.net/uBhT2.png https://i.sstatic.net/n7MBR.png
While learning about Angular and CouchDB, I've reached a roadblock.
What am I doing wrong? I prefer not to obscure CouchDB behind custom authentication methods as it seems overly complex and not advisable.
UPDATE: I'm also facing difficulties in obtaining the Set-Cookie header—it doesn't seem to be available in
HttpPromise.success(function (data, status, headers, config))headers. Even trying to access it via headers("Set-Cookie") has been unsuccessful.
Could there be an issue with my CouchDB configuration? I have shared it on pastebin for reference: uploaded it to pastebin.