durusmail: quixote-users: altdemo to also show form-based login and page access control
altdemo to also show form-based login and page access control
2005-02-28
Mario Ruggier (2 parts)
2005-02-28
Neil Schemenauer
2005-02-28
David Binger
altdemo to also show form-based login and page access control
2005-02-28
mso@oz.net
2005-03-01
Mario Ruggier
2005-03-01
David Binger
2005-03-01
Mario Ruggier
2005-03-01
David Binger
2005-03-01
Mario Ruggier
2005-03-01
David Binger
2005-03-01
Oscar Rambla
2005-03-02
Shalabh Chaturvedi
altdemo to also show form-based login and page access control
David Binger
2005-03-01
On Mar 1, 2005, at 6:15 AM, Mario Ruggier wrote:

> To get a better feeling of how RespondNow works, it would be nice to
> see some
> demo code, and preferably code that does not require the swallowing of
> too much
> other stuff to be digestible... i have not yet assimilated Dulcinea
> enough ;-(

Here's what we have instead of using NotLoggedInError.
I think the behavior the client sees is similar to what you describe
below,
in that there is no special login url.
We just call ensure_signed_in() anywhere where we are about to
expose information that requires authentication.

def ensure_signed_in(msg="Please sign in."):
     import dulcinea.ui.user.signin
     if not get_user():
         page = dulcinea.ui.user.signin.SignIn().form(login_reason=msg)
         if not get_user():
             get_response().set_body(page)
             get_publisher().respond_now() # raises RespondNow,

We have similar, but simpler functions "not_found()",
"invalid_query()", and "redirect()", all
of which set the response body, status, and headers as needed, and then
raise RespondNow.
Quixote doesn't need to have any knowledge about particular
application-level exceptions.

>
> Other than this, I have corrected a number of typos and minor things
> in the demo i sent yesterday, the most notable of which is that the
> login form action is now always set to the request's PATH_INFO, such
> that it is always submitted to the "target" page, and, if
> authorization is required, the login page is always shown instead, and
> on successful authorization, the target page is displayed, even after
> possibly several failed attempts.  I'll resend it if desired.
>
> On Mar 1, 2005, at 12:19 AM, mso@oz.net wrote:
>> (._q_access() if I remember needs a kludge to do redirects, and
>> doesn't do
>> alternate documents without hacking.)
>
> I am not really redirecting... from the Publisher's try_publish() I am
> returning
> the contents of self.root_directory.login() when publishing fails due
> to a
> NotLoggedInError.
>
> mario
>
>
> _______________________________________________
> Quixote-users mailing list
> Quixote-users@mems-exchange.org
> http://mail.mems-exchange.org/mailman/listinfo/quixote-users
reply