On 04/09/2015 04:09 AM, Christophe de Vienne wrote:
Hi everyone,
We are implementing a IAuthenticationPolicy that requires, to get the
actual userid, an access to the database [1].
Should unauthenticated_userid always return None to avoid a database
access, or access the database to always return the same userid
authenticated_userid will return?
The documentation [2] is unclear about what matters most: "performs the
same duty as authenticated_userid", or "needn't (and shouldn't) check
any persistent store".
It should return the userid value sent in the request (usually in a
cookie) without checking if the userid is valid in any way.
- C
Thanks,
Christophe
[1] https://www.cubicweb.org/patch/4939057
[2]
http://pyramid.readthedocs.org/en/latest/api/interfaces.html#pyramid.interfaces.IAuthenticationPolicy.unauthenticated_userid
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/d/optout.
