Hi,
I'm using AuthKit-0.4.1dev_r143 with Pylons 0.9.6.2 like this:
http://wiki.pylonshq.com/display/pylonscookbook/AuthKit+0.4+UsersFromDatabase+with+SQLAlchemy+0.4+and+SQLAlchemyManager
It works fine, but now I need to validate that an user has a validated
date for login, so in lib/permissions.py I created a new permission:
This is my login action:
@authorize(ActiveAuthKitUser())
def login(self):
try:
return_url = request.params['return'].encode('utf-8')
except KeyError:
return_url = '/'
redirect_to(h.url_for(return_url))
And the new permission:
from authkit.permissions import ValidAuthKitUser
from authkit.authorize import NotAuthorizedError
class ActiveAuthKitUser(ValidAuthKitUser):
"""
Checks that the signed in user has its account enabled.
"""
def __init__(self):
pass
def check(self, app, environ, start_response):
app = ValidAuthKitUser.check(self, app, environ, start_response)
user = meta.Session.query(User).filter(User.username ==
environ['REMOTE_USER']).one()
if not user.validated_date:
raise NotAuthorizedError(
'This account is disabled.'
)
return app(environ, start_response)
It works fine when I login with a valid user and with a non
ValidAuthKitUser, but when I try it with an user that doesn't have
validated_date raises the Exception but nothing happens, I'm
redirected to the home page. Then, in next login, the action doesn't
shows the login form, it's like the user was logged but not, the chek
function is executed and also raises the NotAuthorizedError...
What I'm doing wrong?
Thanks
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
