-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

nmdea wrote:

> I have a quick question about the AuthTktCookiePlugin plugin in repoze.who. 
> Is 
> there a reason why the environ variable is not passed to the userid_checker 
> function? For example, this would be useful if the HTTP host header is needed 
> to 
> determine if the user id is valid or not.

We didn't have that usecase:  the userid_checker is intended to use the
a notional backing store to see if the user exists *at all*, via
something like 'select * from users where id = %s' % userid.  At this
point, we probably can't make a backwards-compatible change to this
which doesn't cause a performance hit on every authenticated request.

If you really need that feature, I would advise subclassing the plugin
and overring the 'authenticate' method to pass in the 'environ' to your
checker.  If you mean to configure your custom plugin through an INI
file, you will also need to clone the 'make_plugin' function to get a
version which creates an instance of your subclass.


Tres.
- --
===================================================================
Tres Seaver          +1 540-429-0999          tsea...@palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkyANfgACgkQ+gerLs4ltQ7TkACg0o28Qj2vjjZE/yUuhUaBxMh8
76wAnjOopPyen+quBiafD7yh8GbTlWnI
=ZDr4
-----END PGP SIGNATURE-----
_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Reply via email to