After leaving my project on backburner for about a year, I implemented
what you said and tg.identity does not get set when I am not logged
# An SQLAlchemy authorization plugin
use = hypernucleusserver.lib.auth:guestauth_plugin
def authenticate(self, environ, identity):
guestauth_plugin = GuestAuth()
Can it be done with the plugin described below?
An identifier plugin (aka an IIdentifier plugin) must do three things:
extract credentials from the request and turn them into an “identity”,
“remember” credentials, and “forget” credentials.
On 4 October 2009 16:52, Tres Seaver <tsea...@palladion.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Tres Seaver wrote:
>> Richie Ward wrote:
>>> Normally by default, when you are not logged in with repoze.who/what,
>>> you are logged in as nothing. I propose a modiforcation that will give
>>> the option to set a default user (A user in database called guest with
>>> restricted permissions for example) for when you are not logged in.
>>> Ideally you could turn this on or off.
>>> What do you think is the correct way to impliment this?
>>> Would it be accepted if I made a patch?
>>> I need this functionality for my project and ideally I would rahter
>>> the code went into repoze rather than me forking or a ton of
>>> subclassing. It would remove the need for me to hard code alot of
>>> guest permissions and I could tell it what guest can and cant do in
>> No subclassing required: just register your own IAuthenticator plugin
>> "last" in the list and have it return your guest. E.g., something like:
>> class GuestAuth:
>> def authenticate(environ, identity):
>> return 'guest'
> Docs are here:
> - --
> Tres Seaver +1 540-429-0999 tsea...@palladion.com
> Palladion Software "Excellence by Design" http://palladion.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----
Thanks, Richie Ward
Repoze-dev mailing list