On Monday February 9, 2009 10:03:03 binet bruno wrote:
> Thanks for the new FriendlyRedirectingFormPlugin plugin for repoze.who
> which is usefull to redirect to predefined url after login or logout.
> Here is my question : is it possible to get rid of the "came_from"
> param in the url which is useless when using post login and post
> logout url ?

I don't think it's useless. For example, by default TG2 applications use that 
parameter in the post-login/out handler to redirect to it. In the case of the 
post-login handler, if the user gets there and is anonymous, that can only 
mean one thing: She tried to log in with the wrong credentials.

Sample use:
>    @expose('theproject.templates.login')
>    def login(self, came_from=url('/')):
>        login_counter = request.environ['repoze.who.logins']
>        if login_counter > 0:
>            flash(_('Wrong credentials'), 'warning')
>        return dict(page='login', login_counter=str(login_counter),
>                    came_from=came_from)
>    @expose()
>    def post_login_handler(self, came_from=url('/')):
>        if not request.identity:
>            login_counter = request.environ['repoze.who.logins'] + 1
>            redirect(url('/login', came_from=came_from,
>                         __logins=login_counter))
>        userid = request.identity['repoze.who.userid']
>        flash(_('Welcome back, %s!') % userid)
>        redirect(came_from)
>    @expose()
>    def post_logout_handler(self, came_from=url('/')):
>        flash(_('We hope to see you soon!'))
>        redirect(came_from)

> It will be also great if it was possible to choose using the __logins
> counter or no, so that we could keep a clean url if wanted.

But without it you wouldn't be able to handle failed logins, *unless* you use 
a post-login handler. It sounds like a sensible feature to me, can you please 
open a ticket?

Gustavo Narea <http://gustavonarea.net/>.

Get rid of unethical constraints! Get freedomware:
Repoze-dev mailing list

Reply via email to