Re: How setup (I guess) Pylons routes when app run under WSGIAlias /something
I don't know how I can Add ticket on http://authkit.org/trac/newticket#preview
? The problem is:
Values like:
* authkit.redirect.url
* authkit.signin
* authkit.cookie.signout
set in *.ini file is still static URLs. This mean when I move my
application from some.address.com/ to (for example) address.com/some
or something else where is present part after backslash (this is
common situation with mod_wsgi and WSGIAlias Directive) this three
values must be modified by hand for any different configuration.
IMHO this should be rather = url_for('/controller/action') not just =
'/controller/action'.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---
Re: No secure_form token after use htmlfill.render with defaults.
Hi Everyone ! I downgrade FormEncode from 1.2.2 to 1.2.1 and all is right. In version 1.2.1 parameter force_defaults doesn't exists and work fine with secure_form. I also send ticket to bugtrack https://sourceforge.net/tracker/?func=detailaid=2795224group_id=91231atid=596416 I hope this help someone. Greetings from Poland ! -- Jan Koprowski --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
Re: No secure_form token after use htmlfill.render with defaults.
Jan Koprowski pisze:
Hi Everyone !
I downgrade FormEncode from 1.2.2 to 1.2.1 and all is right. In
version 1.2.1 parameter force_defaults doesn't exists and work fine
with secure_form. I also send ticket to bugtrack
https://sourceforge.net/tracker/?func=detailaid=2795224group_id=91231atid=596416
I hope this help someone.
Greetings from Poland !
--
Jan Koprowski
I think the problem is in @authenticate_form.
This function/decorator remove request.POST['_authentication_token'].
Htmlfill doesn't have this value and set empty string.
Ex:
html = render('/my_template.mako') # - _authentication_token is set
return htmlfill.render(html, defaults=request.POST, errors=errors,
force_defaults=False) # - without force_defaults=False
_authentication_token will be cleared.
Best Regards,
Tomasz Narloch
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---
Re: Where are my controllers?
Hi! The solution is sys.modules at first. I get *global_data, and other common modules, and check, which are use same pre-tag. If I found them all, the pre-tag is my Pylons Project name, and with this tag I can found all modules, and modules have __file__ member that can inform me the paths I need. Example: ity.lib ity.lib.app_globals ity.config.environment ity.lib.base ity.controllers ity Thanks for me... :-) dd On máj. 21, 16:45, durumdara durumd...@gmail.com wrote: Hi! I used a code in global_data init to append my shared libs to sys.path (to simplify the imports). One of these libs are a special object that collect and hold many informations, and request are create this to use it's functions. F. ex: def index(self): R = Request() R.DoSomething... html = R.CheetahRenderDef() return html I wanna ask that how can this Request object know about the physical place of the Pylons dirs, like controllers, or other dirs... (c:\web \pylons\ddd\site\site\controllers) Ok, I can pass it in my creation with this: R = Request(__file__) But this creation is existing in many codes, libs (without parameter), and I wanna avoid this replace. If possible, I wanna get informations from the Pylons. Do you know about a property, function, etc. that can provide me the Pylons directory info? Thanks for your help: dd --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
Including a components stylesheet
I have three template folders.
base, pages and components.
base contains my site furniture.
components are the various reusable elements of the site.
pages pull it all together by including a base file and calling
various components files
The base file includes the head tag and so any style sheets need to be
included here.
I can include a style sheet in the pages file by putting the following
in the base file.
head
link href=/style/furniture.css media=all rel=stylesheet
type=text/css /
${next.Head()}
/head
and then the following in the page file.
%def name=Head()
link href=/style/page.css media=all rel=stylesheet
type=text/css /
/%def
But how do I attach a style from the component file?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---
challenges while upgrading to 0.9.7
I have a project in production, and I decided to upgrade my app from
0.9.6.1 to 0.9.7. I read all the docs related to upgrading. I
decided to use paster create myapp -t pylons to upgrade my project.
These are the headaches I encountered:
* Warn people that if they use paster create to upgrade their project, they
probably don't want to override base.py. After all, paster create doesn't
update your controllers, and my controllers depended on the imports in
base.py.
* AttributeError: 'module' object has no attribute 'url_for'
I was using h.url_for in a controller. It's even mentioned in
http://wiki.pylonshq.com/pages/viewpage.action?pageId=11174779
(which is probably a bug). I didn't find any mention in the upgrading docs
that this was gone. I added from routes import url_for to my helpers.py.
* The jsonify decorator sets the Content-Type header, but it doesn't
specify a charset. Paste freaks out if you do that. Here's what my
controller does to work around that problem:
def _jsonify(self, s):
This converts the jsonify decorator into a normal method.
Sometimes a decorator isn't what I need, and treating a function
decorator as a normal function is funky.
HACK: The jsonify decorator sets the Content-Type header, but it
doesn't specify a charset. Paste freaks out if you do that.
ret = jsonify(lambda: s)()
response.headers['Content-Type'] = 'application/json; charset=UTF-8'
return ret
* I updated my imports in helpers.py per the upgrading docs, but I was a bit
surprised to find out that stylesheet_link_tag was gone. It's been renamed
stylesheet_link.
* Since I decided to keep my old base.py (since I like the automatic imports),
I had to manually change how I imported render to
from pylons.templating import render_mako as render. The old render
function is still available, and it's different from the new render
function. I'm guessing this isn't a big deal.
* I had code that was setting response.status_code. It's documented here
http://wiki.pylonshq.com/pages/viewpage.action?pageId=11174779 that you
should use status_int. However, I didn't catch that and there was no
deprecation warning. Hence, my code failed silently, or rather it didn't
fail at all. It returned a 200 when I was trying to return a 400. A
deprecation warning would have been nice.
* Once I got response.status_code working, it started shoving my HTML
response into the middle of a big error template instead of just serving
what I had. This totally messed with my Web service which counts on
the sparse HTML error messages I provide. I hacked around the problem.
In my action, I wrote:
request.environ['error_response_is_intentional'] = True
In error.py's document method, I wrote:
resp = request.environ['pylons.original_response']
if request.environ.get('error_response_is_intentional', False):
page = resp.body
else:
content = literal(resp.body) or
cgi.escape(request.GET.get('message', ''))
page = error_document_template % \
dict(prefix=request.environ.get('SCRIPT_NAME', ''),
code=cgi.escape(request.GET.get('code',
str(resp.status_int))),
message=content)
return pag
This is definitely a hack. I'm not even sure why this behavior changed.
If I set request.status_code, and I set the HTML containing the error
message, it should just leave it alone.
By the way, why does the code use
request.environ.get('pylons.original_response') when it soon does
resp.body? Why not do a normal dict lookup (i.e. [])? If you don't have
that key, you'll get a None, and resp.body will crash anyway.
Ok, I hope that was helpful. If you want bugs for any of these, I'm
happy to submit them.
Best Regards,
-jj
--
In this life we cannot do great things. We can only do small things
with great love. -- Mother Teresa
http://jjinux.blogspot.com/
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---
Re: challenges while upgrading to 0.9.7
On May 22, 2:33 am, Shannon -jj Behrens jji...@gmail.com wrote:
I have a project in production, and I decided to upgrade my app from
0.9.6.1 to 0.9.7. I read all the docs related to upgrading. I
decided to use paster create myapp -t pylons to upgrade my project.
These are the headaches I encountered:
* Warn people that if they use paster create to upgrade their project, they
probably don't want to override base.py. After all, paster create doesn't
update your controllers, and my controllers depended on the imports in
base.py.
* AttributeError: 'module' object has no attribute 'url_for'
I was using h.url_for in a controller. It's even mentioned in
http://wiki.pylonshq.com/pages/viewpage.action?pageId=11174779
(which is probably a bug). I didn't find any mention in the upgrading docs
that this was gone. I added from routes import url_for to my helpers.py.
* The jsonify decorator sets the Content-Type header, but it doesn't
specify a charset. Paste freaks out if you do that. Here's what my
controller does to work around that problem:
def _jsonify(self, s):
This converts the jsonify decorator into a normal method.
Sometimes a decorator isn't what I need, and treating a
function
decorator as a normal function is funky.
HACK: The jsonify decorator sets the Content-Type header, but it
doesn't specify a charset. Paste freaks out if you do that.
ret = jsonify(lambda: s)()
response.headers['Content-Type'] = 'application/json; charset=UTF-8'
return ret
I'm using @jsonify as-is and haven't seen this problem.
* I updated my imports in helpers.py per the upgrading docs, but I was a bit
surprised to find out that stylesheet_link_tag was gone. It's been renamed
stylesheet_link.
* Since I decided to keep my old base.py (since I like the automatic
imports),
I had to manually change how I imported render to
from pylons.templating import render_mako as render. The old render
function is still available, and it's different from the new render
function. I'm guessing this isn't a big deal.
* I had code that was setting response.status_code. It's documented here
http://wiki.pylonshq.com/pages/viewpage.action?pageId=11174779that you
should use status_int. However, I didn't catch that and there was no
deprecation warning. Hence, my code failed silently, or rather it didn't
fail at all. It returned a 200 when I was trying to return a 400. A
deprecation warning would have been nice.
* Once I got response.status_code working, it started shoving my HTML
response into the middle of a big error template instead of just serving
what I had. This totally messed with my Web service which counts on
the sparse HTML error messages I provide. I hacked around the problem.
In my action, I wrote:
request.environ['error_response_is_intentional'] = True
In error.py's document method, I wrote:
resp = request.environ['pylons.original_response']
if request.environ.get('error_response_is_intentional', False):
page = resp.body
else:
content = literal(resp.body) or
cgi.escape(request.GET.get('message', ''))
page = error_document_template % \
dict(prefix=request.environ.get('SCRIPT_NAME', ''),
code=cgi.escape(request.GET.get('code',
str(resp.status_int))),
message=content)
return pag
This is definitely a hack. I'm not even sure why this behavior changed.
If I set request.status_code, and I set the HTML containing the error
message, it should just leave it alone.
One of the default middlewares is doing this--StatusCodeRedirect. I
completely removed this from the Pylons project I'm using for web
services.
In another project, I have this in certain controllers:
request.environ['pylons.status_code_redirect'] = True
I found that by reading the source. If I understand it correctly, it
disables StatusCodeRedirect for a given request. (It seems to work,
but the semantics are confusing.)
By the way, why does the code use
request.environ.get('pylons.original_response') when it soon does
resp.body? Why not do a normal dict lookup (i.e. [])? If you don't have
that key, you'll get a None, and resp.body will crash anyway.
Ok, I hope that was helpful. If you want bugs for any of these, I'm
happy to submit them.
Best Regards,
-jj
--
In this life we cannot do great things. We can only do small things
with great love. -- Mother Teresahttp://jjinux.blogspot.com/
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to
Re: challenges while upgrading to 0.9.7
On May 22, 10:48 am, Wyatt Baldwin wyatt.lee.bald...@gmail.com
wrote:
On May 22, 2:33 am, Shannon -jj Behrens jji...@gmail.com wrote:
[snip]
* Once I got response.status_code working, it started shoving my HTML
response into the middle of a big error template instead of just serving
what I had. This totally messed with my Web service which counts on
the sparse HTML error messages I provide. I hacked around the problem.
In my action, I wrote:
request.environ['error_response_is_intentional'] = True
In error.py's document method, I wrote:
resp = request.environ['pylons.original_response']
if request.environ.get('error_response_is_intentional', False):
page = resp.body
else:
content = literal(resp.body) or
cgi.escape(request.GET.get('message', ''))
page = error_document_template % \
dict(prefix=request.environ.get('SCRIPT_NAME', ''),
code=cgi.escape(request.GET.get('code',
str(resp.status_int))),
message=content)
return pag
This is definitely a hack. I'm not even sure why this behavior changed.
If I set request.status_code, and I set the HTML containing the error
message, it should just leave it alone.
One of the default middlewares is doing this--StatusCodeRedirect. I
completely removed this from the Pylons project I'm using for web
services.
In another project, I have this in certain controllers:
request.environ['pylons.status_code_redirect'] = True
I found that by reading the source. If I understand it correctly, it
disables StatusCodeRedirect for a given request. (It seems to work,
but the semantics are confusing.)
For reference, this is documented on line 176 of pylons.middleware.
Not sure if it's in the official docs anywhere.
Should an application wish to bypass the error response (ie, to
purposely return a 401), set
``environ['pylons.status_code_redirect'] = True`` in the
application.
This comment is pretty clear, but when you go back and read the code
where you used this, it's easy to misinterpret. Perhaps the key should
be 'pylons.status_code_redirect.circumvent'. Or maybe the value should
be False (although the check for this key doesn't even look at the
value).
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---
Re: challenges while upgrading to 0.9.7
* Once I got response.status_code working, it started shoving my HTML
response into the middle of a big error template instead of just serving
what I had. This totally messed with my Web service which counts on
the sparse HTML error messages I provide. I hacked around the problem.
In my action, I wrote:
request.environ['error_response_is_intentional'] = True
In error.py's document method, I wrote:
resp = request.environ['pylons.original_response']
if request.environ.get('error_response_is_intentional', False):
page = resp.body
else:
content = literal(resp.body) or
cgi.escape(request.GET.get('message', ''))
page = error_document_template % \
dict(prefix=request.environ.get('SCRIPT_NAME', ''),
code=cgi.escape(request.GET.get('code',
str(resp.status_int))),
message=content)
return pag
This is definitely a hack. I'm not even sure why this behavior changed.
If I set request.status_code, and I set the HTML containing the error
message, it should just leave it alone.
One of the default middlewares is doing this--StatusCodeRedirect. I
completely removed this from the Pylons project I'm using for web
services.
In another project, I have this in certain controllers:
request.environ['pylons.status_code_redirect'] = True
I found that by reading the source. If I understand it correctly, it
disables StatusCodeRedirect for a given request. (It seems to work,
but the semantics are confusing.)
Yep, that worked like a charm, thanks!
Since this is a change in behavior and it requires a change in code to
get the old behavior back, it probably makes sense to call this out in
the upgrading docs.
Thanks Again,
-jj
--
In this life we cannot do great things. We can only do small things
with great love. -- Mother Teresa
http://jjinux.blogspot.com/
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---
Re: challenges while upgrading to 0.9.7
On Fri, May 22, 2009 at 2:33 AM, Shannon -jj Behrens jji...@gmail.com wrote:
I have a project in production, and I decided to upgrade my app from
0.9.6.1 to 0.9.7. I read all the docs related to upgrading. I
decided to use paster create myapp -t pylons to upgrade my project.
These are the headaches I encountered:
* Warn people that if they use paster create to upgrade their project, they
probably don't want to override base.py. After all, paster create doesn't
update your controllers, and my controllers depended on the imports in
base.py.
* AttributeError: 'module' object has no attribute 'url_for'
I was using h.url_for in a controller. It's even mentioned in
http://wiki.pylonshq.com/pages/viewpage.action?pageId=11174779
(which is probably a bug). I didn't find any mention in the upgrading docs
that this was gone. I added from routes import url_for to my helpers.py.
* The jsonify decorator sets the Content-Type header, but it doesn't
specify a charset. Paste freaks out if you do that. Here's what my
controller does to work around that problem:
def _jsonify(self, s):
This converts the jsonify decorator into a normal method.
Sometimes a decorator isn't what I need, and treating a
function
decorator as a normal function is funky.
HACK: The jsonify decorator sets the Content-Type header, but it
doesn't specify a charset. Paste freaks out if you do that.
ret = jsonify(lambda: s)()
response.headers['Content-Type'] = 'application/json; charset=UTF-8'
return ret
* I updated my imports in helpers.py per the upgrading docs, but I was a bit
surprised to find out that stylesheet_link_tag was gone. It's been renamed
stylesheet_link.
* Since I decided to keep my old base.py (since I like the automatic
imports),
I had to manually change how I imported render to
from pylons.templating import render_mako as render. The old render
function is still available, and it's different from the new render
function. I'm guessing this isn't a big deal.
* I had code that was setting response.status_code. It's documented here
http://wiki.pylonshq.com/pages/viewpage.action?pageId=11174779 that you
should use status_int. However, I didn't catch that and there was no
deprecation warning. Hence, my code failed silently, or rather it didn't
fail at all. It returned a 200 when I was trying to return a 400. A
deprecation warning would have been nice.
* Once I got response.status_code working, it started shoving my HTML
response into the middle of a big error template instead of just serving
what I had. This totally messed with my Web service which counts on
the sparse HTML error messages I provide. I hacked around the problem.
In my action, I wrote:
request.environ['error_response_is_intentional'] = True
In error.py's document method, I wrote:
resp = request.environ['pylons.original_response']
if request.environ.get('error_response_is_intentional', False):
page = resp.body
else:
content = literal(resp.body) or
cgi.escape(request.GET.get('message', ''))
page = error_document_template % \
dict(prefix=request.environ.get('SCRIPT_NAME', ''),
code=cgi.escape(request.GET.get('code',
str(resp.status_int))),
message=content)
return pag
This is definitely a hack. I'm not even sure why this behavior changed.
If I set request.status_code, and I set the HTML containing the error
message, it should just leave it alone.
By the way, why does the code use
request.environ.get('pylons.original_response') when it soon does
resp.body? Why not do a normal dict lookup (i.e. [])? If you don't have
that key, you'll get a None, and resp.body will crash anyway.
Ok, I hope that was helpful. If you want bugs for any of these, I'm
happy to submit them.
One more:
* I don't use the Pylons way of running nose. I test my Pylons app as just
one of the packages in my project. Hence, I have a Makefile
with nosetests --with-doctest $(OUR_PACKAGES). I had to add
--with-pylons mywebapp/test.ini. I kept getting
ERROR: Failure: KeyError ('__file__') when trying to run my
tests, and a bunch
of my other tests failed because they couldn't get an expected value from the
.ini file.
This is hinted at in
http://pylonshq.com/articles/archives/2009/2/pylons_097_released,
but perhaps needs to be called out more explicitly for those of us who run
nosetests manually without going through setuptools, etc.
Thanks!
-jj
--
In this life we cannot do great things. We can only do small things
with great love. -- Mother Teresa
http://jjinux.blogspot.com/
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
How display options select field in given order ?
Hi ! How I can display options elements in select field exactly in this same order as I wrote it in dictionary ? Greetings from Poland ! -- Jan Koprowski --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
Re: How display options select field in given order ?
On May 22, 2009, at 2:31 PM, Jan Koprowski wrote: Hi ! How I can display options elements in select field exactly in this same order as I wrote it in dictionary ? Assuming you're using webhelpers.html.tags.select, you can pass it an ordered iterable of item pairs, like a list of tuples (see its documentation). Plain dicts don't maintain order -- Philip Jenvey --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
Re: How display options select field in given order ?
On 22 Maj, 23:54, Philip Jenvey pjen...@underboss.org wrote: On May 22, 2009, at 2:31 PM, Jan Koprowski wrote: Hi ! How I can display options elements in select field exactly in this same order as I wrote it in dictionary ? Assuming you're using webhelpers.html.tags.select, you can pass it an ordered iterable of item pairs, like a list of tuples (see its documentation). Plain dicts don't maintain order -- Philip Jenvey Thank You for help Philip. So simple and so hard at once :] -- Jan Koprowski --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
Where else store user password while using app
Hi ! I wrote some functional tests for my app. Because I keep password in session (for some reasons) every time when I want test something i must start from signin site and signin in each test. I thought about use REMOTE_USER but when i implement this I realize that the problem is that current user passwor must be stored somewhere - currently in session. Any propositions ? Greetings from Poland -- Jan Koprowski --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
Re: Where else store user password while using app
Howdy! Quite popular is Blowfish or AES encrypting data stored in cookies allowing you to store data without the risk of tampering or disclosure. You can wrap the encrypted data in an HMAC to verify the data is not tampered with. This is also fully capable of being used in unit testing. - Alice. This message was sent from a mobile device. Please excuse any terseness, spelling, or grammatical errors. If additional information is indicated it will be sent from a desktop computer as soon as possible. Thank you. On 2009-05-22, at 5:25 PM, Jan Koprowski jan.koprow...@gmail.com wrote: Hi ! I wrote some functional tests for my app. Because I keep password in session (for some reasons) every time when I want test something i must start from signin site and signin in each test. I thought about use REMOTE_USER but when i implement this I realize that the problem is that current user passwor must be stored somewhere - currently in session. Any propositions ? Greetings from Poland -- Jan Koprowski --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
Re: Where else store user password while using app
On 23 Maj, 02:59, Alice Zoë Bevan-McGregor, al...@gothcandy.com wrote: Howdy! Quite popular is Blowfish or AES encrypting data stored in cookies allowing you to store data without the risk of tampering or disclosure. You can wrap the encrypted data in an HMAC to verify the data is not tampered with. This is also fully capable of being used in unit testing. - Alice. Is authkit encryption settings for cookies enough ? -- Jan Koprowski --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups pylons-discuss group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~--~~~~--~~--~--~---
