New submission from Forest :
The interface defined for IAuthenticator doesn't allow it to report a reason for
authentication failure. This prevents me from showing the user a sensible
message when (for example) his login was refused due to excessive failed login
attempts or a deacti
New submission from Forest :
The form plugins, which are the most obvious way to build a common web login
page, have no obvious way to show "logged out" or "login failed" messages. Even
with third party add-ons like formcookie, I end up having to perform three
post-login-at
New submission from Forest :
PluggableAuthenticationMiddleware accepts a log_stream argument, which is
documented as a stream-like object with a write() method. Looking at the code,
I see that (thankfully) it accepts a logging.Logger object as well. This should
be documented
New submission from Forest :
I want to add meta-data to an authenticated user's environment, but I don't want
to perform extra database operations to do it. Since the repoze.who spec only
allows meta-data scribbling from within IMetadataProvider, and IMetadataProvider
is sep
New submission from Forest :
My testing shows that a meta-data provider plugin is called on every request.
This is horribly inefficient for meta-data that is expensive to fetch, such as
any that lives in a database. I would expect it to be fetched once when the
user is authenticated, and then
Forest added the comment:
I don't remember this bug, nor am I on the repoze.what dev team. Are you sure
you meant to assign it to me?
--
assignedto: forest -> nlaurance
nosy: -forest
__
Repoze Bugs
<http://bugs.repoze.o
Forest added the comment:
Removing myself again. nlaurance, you don't have to keep adding me. If you'd
really like to chat, we can use email. :)
--
nosy: -forest
__
Repoze Bugs
<http://bugs.repoze