Hello, Tomasz.
3. I will do some improvements in my authentication middlewares to
make them safer against CSRF.
I have made little improvement:
http://hg.sandbox.lt/authform-middleware/rev/bec2ddaef60b
I will document it later but some information now: I have read about
CSRF and other kind of
Hello, Tomasz.
On Thu, Dec 11, 2008 at 9:19 AM, Tomasz Narloch toma...@wp.pl wrote:
2) Where can I put @authenticate_form?
I don't know such decorator. Haven't you confused it with @authorize?
from pylons.decorators.secure import authenticate_form
In login I create:
Maybe I have better solution, without session.
Add to login form hidden fieled input type=hidden
name=if_error_back_to value=/panel/login /
That will not work on @authorize decorator. The problem is that we
have more than one path how /process is reached. I'm adding loginurl
function.
--
Tomasz Narloch pisze:
Dalius Dobravolskas pisze:
def loginurl_by_context(environ):
if environ['beaker.session'].startswith('/panel'):
Error in my code:
if environ['beaker.session']['referer'].startswith('/panel'):
return '/panel/login'
else:
Dalius Dobravolskas pisze:
Maybe I have better solution, without session.
Add to login form hidden fieled input type=hidden
name=if_error_back_to value=/panel/login /
That will not work on @authorize decorator. The problem is that we
have more than one path how /process is reached. I'm
Hello, Tomasz,
I have updated code now:
http://hg.sandbox.lt/authform-middleware/rev/50e261dbd126
Okey, I don't know authorize as good as you.
Authentication ;-)
But how can you check referer for prefix:
referer: /order/index2 = translate to /order/login
referer: /admin/ =
Dalius Dobravolskas pisze:
Hello, Tomasz,
I have updated code now:
http://hg.sandbox.lt/authform-middleware/rev/50e261dbd126
Okey, I don't know authorize as good as you.
Authentication ;-)
But how can you check referer for prefix:
referer: /order/index2 = translate to
When you publish new version, today or tomorrow or ...?
Since I don't use setuptools yet you just download:
http://hg.sandbox.lt/authform-middleware/archive/tip.tar.gz
It always point to newest version.
--
Dalius
http://blog.sandbox.lt
--~--~-~--~~~---~--~~
I start to learn authauth
1) I have one login form for client to panel
and second if someone want to buy something then go step by step and
next can login or create new account (different url, design)
There is a variable:
authform.loginurl= /panel/login
How sholud I change it if I want
Hello, Tomasz,
Next time write which authentication solution your are using
(http://trac.sandbox.lt/auth/). Other users might not understand what
are you using.
1) I have one login form for client to panel
and second if someone want to buy something then go step by step and
next can login
def loginurl_by_context(environ):
if environ['beaker.session'].startswith('/panel'):
Error in my code:
if environ['beaker.session']['referer'].startswith('/panel'):
return '/panel/login'
else:
return '/shop/login'
What you think about that?
Better, my solution
Dalius Dobravolskas pisze:
def loginurl_by_context(environ):
if environ['beaker.session'].startswith('/panel'):
Error in my code:
if environ['beaker.session']['referer'].startswith('/panel'):
return '/panel/login'
else:
return '/shop/login'
What you
12 matches
Mail list logo