The cookbook illustrates a way to cache this information inside of `request.user`. The idea is that authenticated_userid and effective_principals both use request.user, and request.user uses unauthenticated_userid. While the cookbook shows how to do this via the callback mechanism, it is even more straightforward to do it in your own custom policy.
http://docs.pylonsproject.org/projects/pyramid_cookbook/en/latest/auth/user_object.html#making-a-user-object-available-as-a-request-attribute On Fri, Jun 29, 2012 at 10:43 AM, Vlad K. <[email protected]> wrote: > > Hi all. > > > I am not quite sure from the docs, nor quickly looking at the source, what > is the order of business with the IAuthenticationPolicy interfaced objects. > There are two separate but tightly integrated methods: > (un)authenticated_userid() and effective_principals() which per CallbackAuth > policy abstraction uses a callback to define principals. Of course, I'm > implementing my own which interacts with storage directly (ie. no callback). > > In my case, whatever I do, I see always TWO requests to the auth data > storage. One for each method (authenticated_userid, effective_principals). > > So I'd like to implement a thread-safe way to store data within the request > object, however I'm not sure which is called first, or does that depend on > what calls what from the "userland" code? I guess I can put: > > if not request.myauthdata: > get_auth_data_from_storage(request) > > in each to bootstrap the data (i'm already using own Request factory to add > some other methods, and that would also define the 'myauthdata' property), > and then use request.myauthdata from both (un)authenticated_userid and > effective_principals. > > > Am I reinventing the wheel? > > > What I'd like to see is something like on_request() method be called on the > auth policy on every request start, so the method can retrieve relevant data > from storage, keep it thread safe in request and have it accessible to any > of the other methods of the policy. Likewise, maybe an on_response() hook > would be needed for some cases. > > > Thanks. > > -- > > .oO V Oo. > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/pylons-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
