Yes, it does. But you can take a look at its code to put something together for your use-case.
http://code.google.com/p/googleappengine/source/browse/trunk/python/google/appengine/ext/webapp/util.py#39 Robert On Tue, Jan 18, 2011 at 10:51, Silencer <[email protected]> wrote: > The @login_required decorator works only for GET , It is mentioned in > that page. > So i am using the first method u suggested > > Thanks a lot for the help . > > > On Jan 18, 11:25 am, Robert Kluin <[email protected]> wrote: >> Yeah, if you need to be able to allow some requests without cookies to >> a 'secure' url you'll need to use a lower-level solution like those. >> The options in app.yaml are higher-level. >> >> Robert >> >> On Tue, Jan 18, 2011 at 00:17, Silencer <[email protected]> wrote: >> >> > Thanks Robert , >> >> > Those solutions look better coding to me. >> >> > So i will have to anyway remove login:admin for URL's destined to be >> > used for Cross Domain Resource Sharing. >> >> > Even login:required will also fail right ? >> > Because preflight request is never send with cookies. >> >> > So basically i have to implement url securing myself. >> >> > On Jan 17, 11:19 pm, Robert Kluin <[email protected]> wrote: >> >> Securing your URLs in code is OK, provided you're doing it >> >> consistently perhaps using a decorator, or in a base AdminHandler. >> >> This will let you allow some calls or respond differently to non-admin >> >> calls. >> >> >> You might also want to check out the users.is_current_user_admin() >> >> function. >> >> http://code.google.com/appengine/docs/python/users/functions.html >> >> >> And, I would also suggest looking at the @login_required decorator. >> >> You could just write a @admin_required decorator. >> >> >> >> http://code.google.com/appengine/docs/python/tools/webapp/utilmodule.... >> >> >> Robert >> >> >> On Mon, Jan 17, 2011 at 12:33, Silencer <[email protected]> wrote: >> >> > i have two apps let us call it app1 and app2 ; >> >> >> > Assume that i have logged in as admin in both apps. >> >> > in my work-flow i have to do a POST request from app1 rendered page >> >> > (http://app1.appspot.com/sourcepage ) >> >> > to and apps url (http://app2.appspot.com/updatedata) . >> >> >> >http://app2.appspot.com/updatedataisa url secured by login:admin in >> >> > the app.yaml file >> >> >> > Now in FF3.6 , when such an ajax request is done using jQuery , >> >> > FF3.6 will first send a Preflighted request ( OPTIONS request ) . >> >> > This request is sent without cookies. >> >> > So appengine returns a redirect as response. >> >> > Although i have implemented the options(self) function for the >> >> > request, the control never reaches there >> >> >> > So the original POST is not send at all. >> >> >> > i read in some article that the credentials will not be sent with the >> >> > Preflighted request >> >> > So in that case is there a way to make options request alone to pass >> >> > through for admin urls ? >> >> >> > TO get my workflow done at last i removed login:admin from app.yaml >> >> > and >> >> > checks for user logged in and compare email id's to a set of allowed >> >> > admins. >> >> > I know it is bad programming , but still. >> >> >> > Is there any thing that i miss ? >> >> >> > Please help >> >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups "Google App Engine" group. >> >> > To post to this group, send email to [email protected]. >> >> > To unsubscribe from this group, send email to >> >> > [email protected]. >> >> > For more options, visit this group >> >> > athttp://groups.google.com/group/google-appengine?hl=en. >> >> > -- >> > You received this message because you are subscribed to the Google Groups >> > "Google App Engine" group. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group >> > athttp://groups.google.com/group/google-appengine?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
