have a look
here<http://docs.pylonsproject.org/projects/pyramid/en/1.5-branch/quick_tutorial/authentication.html?highlight=forget>
generally it uses remember and forget which make use of cookies.
On Monday, January 27, 2014 6:41:58 PM UTC+11, infMt wrote:
>
> Sorry if this seems like such a naive question but I can't figure out how
> a user should be authenticated after reading the documentation and digging
> through examples.
>
> What do I need from Pyramid to achieve this login process for a user?
>
> 1. User submits a form
>
> 2. The user is matched to a record in the database
>
> 3. *Beaker* *session *has the user id added
>
> From here I'm not so sure
>
> 4. User attempts an action via a view
>
> 5. Logic is in place to check if user has permission
>
> def edit_post(request):
> ...
> if request.session['userId'] != authorUserId:
> raise pyramid.httpexceptions.HTTPForbidden("You are not this post's
> author.")
>
> (from SO:
> http://stackoverflow.com/questions/6585370/dynamic-user-based-authorization-in-pyramid
> )
>
> Note: the example from SO may not be using *Beaker*. Are these steps
> correct? Is there any need to use *remember()* and
> *authenticated_userid() *?
>
> How does the server determine who *request.session *is assigned to?
>
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/groups/opt_out.
