-----BEGIN PGP SIGNED MESSAGE-----
> I have a quick question about the AuthTktCookiePlugin plugin in repoze.who.
> there a reason why the environ variable is not passed to the userid_checker
> function? For example, this would be useful if the HTTP host header is needed
> determine if the user id is valid or not.
We didn't have that usecase: the userid_checker is intended to use the
a notional backing store to see if the user exists *at all*, via
something like 'select * from users where id = %s' % userid. At this
point, we probably can't make a backwards-compatible change to this
which doesn't cause a performance hit on every authenticated request.
If you really need that feature, I would advise subclassing the plugin
and overring the 'authenticate' method to pass in the 'environ' to your
checker. If you mean to configure your custom plugin through an INI
file, you will also need to clone the 'make_plugin' function to get a
version which creates an instance of your subclass.
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Repoze-dev mailing list