That is brilliant, thanks! ;-)
Big thumbs up for this guy! On 8 Wrz, 18:16, Mariano Mara <[email protected]> wrote: > Excerpts from Dobrysmak's message of Wed Sep 08 11:57:47 -0300 2010:> Hi! > > I'm pretty new to pylons framework and repoze.what repoze.who plugins, > > so i have few questions. > > I've searched the web but no results. > > I'm making my way with repoze what/who too so please take my advice with > a grain of salt. > > > > > > > First of all, i've got a login form for users. > > My configuration for repoze.what looks like this > > > return setup_sql_auth( > > app, > > User, > > Groups, > > Permissions, > > meta.Session, > > login_url='/login/index', > > post_login_url='/main/cpanel', > > post_logout_url='/login/index', > > login_handler='/login/login', > > logout_handler='/login/logout', > > cookie_secret=config['cookie_secret'], > > cookie_timeout=600, > > cookie_reissue_time=500, > > translations={ > > 'validate_password' : 'check_pass', > > 'user_name': 'login', > > 'group_name': 'name', > > 'permission_name': 'name' > > }) > > > When a users is loggin in, the application should update the > > "last_visit_date" column in db, this action is placed in "/login/ > > login", but at the process of user login this action is ignored. > > That's the first question, why and how to fix this? > > You could write a metadata provider. Although its purpose is to add some > extra information on the identity dictionary once the user has been > validated, I guess you can use it to update your session table with some > extra data. Since it's the last step in the authentication process and > it's only called with the final "best" identity found, you can be sure > it will be called in the right time. > > I don't know anything about quickstart but according to docs, the > defined metada provider plugin in quickstart would be > SQLAlchemyUserMDPlugin [1]. I'm sure you could extend it with some extra > functionality, making sure you call the inherited plugin first and then > roll your own code. For example, > > from repoze.who.plugins.sa import SQLAlchemyUserMDPlugin > > class myMDplugin(SQLAlchemyUserMDPlugin): > > implements(IMetadataProvider) > > def add_metadata(self, environ, identity): > super(myMDplugin, self).add_metadata(environ, identity) > ... update your table here ... > > More about writing a metadataprovider can be found here[2]. > > You can then configure repoze to use your own md provider passing the > plugin name as a kwargs argument as explained here [3] > > > > > The second part is the Error handling in repoze.what/who. > > When user puts the wrong pass/name it rise an Exception 401 (that's > > ok) and displays it in a standard pylons debuge mode, but where can i > > customize it to show restricted access messages? > > If you're protecting your controllers classes/method with the provided > decorators for pylons (ControllerProtector, ActionProtector) it should > redirect you to a page with the error message. > If you're not or you want to customize the way it works and looks, you > need to write your own denial handler. Find here [4] an example for you > to customize. > > Hope I made some sense. I'm pretty sure there are easier ways to make > things work, though :) > > Mariano > > [1]http://code.gustavonarea.net/repoze.who.plugins.sa/index.html#repoze.... > [2]http://docs.repoze.org/who/1.0/narr.html#writing-a-metadata-provider-... > [3]http://what.repoze.org/docs/plugins/quickstart/#how-to-set-it-up > [4]http://code.gustavonarea.net/repoze.what-pylons/Manual/Protecting.htm... -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
