What I have now: AngularJS app with two controllers. First works with CouchDB documents and the second perform sign-in requests to example.com/demo/_session.
When I open application, I can't do editing with couchdb (in first controller), because some actions I've limited to logged users only. In second controller I'm sending simple POST over $http, which return Http-only (so no cookie magic there) auth cookie AuthSession. That cookie bound to couchdb address and in theory any request from page to couchdb address must contain that cookie also.
But this no happens. No one call to couchdb, except calls to /_session comes with AuthSession cookie. E.g. example.com/demo/_session getting with AuthSession and example.com/demo/records not.
In learning Angular and CouchDB I came to deadlock.
What I'm doing wrong? I do not want to hide couchdb behind something with custom auth — too complex and not a good way, I think.
UPD: Getting Set-Cookie header also fails — it not available in HttpPromise.success(function (data, status, headers, config)) headers. I'm tried to get it like headers("Set-Cookie") — no luck.
Maybe something wrong in couchdb configuration? I've uploaded it to pastebin.
