Well, I have something working that's a little different. The S.referer
doesn't seem to be what I want. Let me explain:
I have an index page with a table of items. Each item has an "Edit" link on
it. The page that the edit link points at has a Loc.If test on it:
val loginTest = Loc.If(() => User.loggedIn_?, RedirectResponse("/login"))
In the login method, if I use S.referer, I get the index page, while S.uri
is the current (login) page. The original edit page URI is lost with the
redirect, so what I've done is added a session var
object origUri extends SessionVar[Can[String]](Empty)
and modified the If to "capture" the original request at the time that it's
made
val loginTest = Loc.If({() => origUri(Full(S.uri + S.servletRequest.map("?"
+ _.getQueryString).openOr(""))); User.loggedIn_?,
RedirectResponse("/login"))
This looks really kludgey to me, but it does work. I would welcome any
suggestions to make this cleaner.
Derek
On Tue, Oct 21, 2008 at 3:08 PM, David Pollak <[EMAIL PROTECTED]
> wrote:
> object Login {
> def login() = {
> val from = S.referer.openOr("/")
>
> User.currentUser match {
> case Full(_) => // do nothing
> case _ =>
> def testPwd(user: User, pwd: String): Can[Boolean] =
> if (user.password.match_?(pwd)) {
> if (user.invalid_?) Failure(user.invalidReason, Empty, Nil)
> else {User.logUserIn(user); Full(true)}
>
> //Full(true)
> } else Failure("Password mis-match", Empty, Nil)
>
> (for (email <- S.param("username") ?~ "No Username";
> pwd <- S.param("password") ?~ "No Password";
> user <- User.find(By(User.email, email)) ?~ "User Not Found";
> success <- testPwd(user, pwd)) yield {
> user
> }) match {
> case Full(user) => S.notice("Welcome: "+user.niceName)
> if (!user.validated) {
> S.notice("Until your registration is confirmed, you cannot edit
> pages in the wiki")
> }
> case Failure(msg, _, _) => S.error(msg)
> case _ => S.error("Not logged In")
> }
> }
>
> Full(RedirectResponse(from))
> }
>
> def logout() = {
> val from = S.referer.openOr("/")
>
> User.logoutCurrentUser
> S.notice("Logged Out")
>
> Full(RedirectResponse(from))
>
> }
> }
>
>
> On Tue, Oct 21, 2008 at 2:05 PM, Derek Chen-Becker <[EMAIL PROTECTED]>wrote:
>
>> A followup question. If I want to redirect back to the original page that
>> prompted the login redirect, how would I get that? I know I can get use
>> S.uri to get everything but the query string, but do I need to dig deeper
>> into the actual HttpServletRequest to get at everything after the host
>> portion?
>>
>> Thanks,
>>
>> Derek
>>
>>
>> On Tue, Oct 21, 2008 at 2:21 PM, Derek Chen-Becker <[EMAIL PROTECTED]
>> > wrote:
>>
>>> OK, that makes sense. Sometimes when you have a hammer everything looks
>>> like a nail :)
>>>
>>>
>>> On Tue, Oct 21, 2008 at 2:05 PM, David Pollak <
>>> [EMAIL PROTECTED]> wrote:
>>>
>>>> SessionVars are not available during URL rewriting. URL rewriting takes
>>>> place before the session is obtained. This is deliberate because the URL
>>>> rewriting takes place before the sessionless dispatch is consulted. This
>>>> happens before the session is retrieved/created and the regular flow
>>>> happens.
>>>>
>>>> Access control on an HTML page level should be done in SiteMap.
>>>>
>>>>
>>>> On Tue, Oct 21, 2008 at 1:00 PM, Derek Chen-Becker <
>>>> [EMAIL PROTECTED]> wrote:
>>>>
>>>>> I could have sworn this had been covered recently on the list but I
>>>>> can't seem to find it. I'd like to have a rewrite function that checks to
>>>>> see if someone is logged in and in the proper role before allowing them to
>>>>> get to the page. I had wanted to do this using LiftRules.addRewriteBefore
>>>>> combined with two SessionVars that would hold the user name and their
>>>>> roles
>>>>> (if logged in). Unfortunately, it looks like SessionVars don't seem to be
>>>>> usable inside the rewrite function because the LiftSession hasn't been set
>>>>> up yet at that point. I'm I missing something obvious, or does anyone have
>>>>> some suggestions for doing it in a different/better way?
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Derek
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Lift, the simply functional web framework http://liftweb.net
>>>> Collaborative Task Management http://much4.us
>>>> Follow me: http://twitter.com/dpp
>>>> Git some: http://github.com/dpp
>>>>
>>>>
>>>>
>>>
>>
>>
>>
>
>
> --
> Lift, the simply functional web framework http://liftweb.net
> Collaborative Task Management http://much4.us
> Follow me: http://twitter.com/dpp
> Git some: http://github.com/dpp
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Lift" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~----------~----~----~----~------~----~------~--~---
