> Topic: repoze.what and StaticURLParser? > > Christian Gunning <[email protected]> Jan 25 02:56AM -0800 ^ > > I just migrated from Authkit to repoze.what. One thing I can't figure > out, though, is how to protect static files. I'd like to use one auth > framework for everything. I've tried fiddling with config/ > middleware.py with no luck -- i can't figure out how to use predicates > outside of a controller. > > Has anyone done this? If not, can anyone suggest relevant docs? > > thanks! > > > > Gael Pasgrimaud <[email protected]> Jan 25 12:11PM +0100 ^ > > Hi, > > On Tue, Jan 25, 2011 at 11:56 AM, Christian Gunning >> middleware.py with no luck -- i can't figure out how to use predicates >> outside of a controller. > >> Has anyone done this? If not, can anyone suggest relevant docs? > > I guess you can wrap your static app with a small middleware: > > def checker(environ, start_response): > predicate.check_authorization(environ) > return static_app(environ, start_response) > > See > http://what.repoze.org/docs/1.0/Manual/Predicates/Evaluating.html#raising-an-exception-if-the-predicate-is-not-met > > -- > Gael
Success! I had to read the WSGI docs a dozen+ times, but in the end it's a simple enough conditional redirect. I've added this to http://wiki.pylonshq.com/display/pylonscookbook/Pylons+1.0+and+repoze.what best, Christian ## in lib/middleware.py from repoze.what.predicates import not_anonymous class RepozeMiddleware(object): def __init__(self, app, signin_url): self._app = app self._signin_url = signin_url def __call__(self, environ, start_response): # need to check path_info to avoid infinite loop if not_anonymous().is_met(environ) or environ['PATH_INFO'] == self._signin_url: return self._app(environ, start_response) else: status = "301 Redirect" headers = [("Location", self._signin_url),] start_response(status, headers) return ["Not logged in",] ## in config/middleware.py from myproject.lib.middleware import RepozeMiddleware # ... if asbool(static_files): # Serve static files static_app = StaticURLParser(config['pylons.paths']['static_files']) ## add a not_anonymous check to statics app = Cascade([static_app, app]) app = RepozeMiddleware(app, '/account/login') ## not sure if order is important app = add_auth(app, config) -Christian -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
