On Wed, 2006-02-08 at 06:04 -0800, [EMAIL PROTECTED] wrote:
> Does someone have a recipe for logging in via url only. I would like
> to have it work with admin or regular user where
> credentials can be passed as parameters in a url and they are logged in
> and directed to the url. For admin login I am wanting it to simply log
> into admin index.
You _could_ do this by looking at the admin interface's login view, and
handling request.GET the way it handles request.POST. But IMO you
_shouldn't_ do this, as it may (depending on other things) open up quite
a few new ways to steal credentials (think about referrers, and about
httpd logs).
One option could be to use a one time login url.
- Create a model containing GUID/UUID.
- Create a view that sends you a mail containing a login url everytime you hit it.
- Create a view that server this url containing GUID/UUID as parameter, and if it matches with one in database, delete that object and log user in.
--
Amit Upadhyay
Blog: http://www.rootshell.be/~upadhyay
+91-9867-359-701
