On Thu, 2010-12-23 at 01:41 -0800, jerry wrote:
> Yet-another simple question: What's the best practice in implementing
> a user-land multi-point redirection?
>
> The most common application is redirect user back to the initial page
> after login, which pyramid's built-in authentication already works
> well with @view_config(permission='...')
>
> However, if I issue an HTTPFound myself pointing to GET login view,
> how should the user be redirected back after a successful POST? I
> might be able to get away with recording request.referer all the way
> and jam a {'referer': initial_url} into the headers of the GET login
> view response, but there must be better ways. If I recall correctly,
> Pylons' redirect_to() simply works out-of-the-box.
Derived from:
http://docs.pylonshq.com/pyramid/dev/tutorials/wiki2/authorization.html
@view_config(route_name='login', renderer='sometemplate.pt')
@view_config(context='pyramid.exceptions.Forbidden',
renderer='sometemplate.pt')
def login(request):
login_url = route_url('login', request)
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
message = ''
login = ''
password = ''
if 'form.submitted' in request.params:
login = request.params['login']
password = request.params['password']
if USERS.get(login) == password:
headers = remember(request, login)
return HTTPFound(location = came_from,
headers = headers)
message = 'Failed login'
return dict(
message = message,
url = request.application_url + '/login',
came_from = came_from,
login = login,
password = password,
)
- C
>
> Thanks.
>
> Jerry
>
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en.
