-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christoph Zwerschke wrote:
Hello, a question about the repoze.who plugin concept:
I'm just writing a plugin for authentication against an XML-RPC service,
implementing the authenticator and metadata provider interfaces .
Inside the authenticate() method, I make a call to the XML-RPC service
to check if the user exists and has entered the right password. That
same call already returns all the metadata about the user that I need.
What's the best way to store that information so that it can be reused
later in the add_metadata() method? I want to avoid making another
costly call to the remote service. Simply stuff the information
somewhere into the environ or identity dict?
The same applies when you have to check a remote database with the sql
plugin. Currently, every successful authentication makes two queries,
one to check whether the users exist and one to get their data. Wouldn't
it be better to handle both tasks with one query? The api with the
different plugin types is nice, but it also causes such redundant calls.
Or do I overlook something?
IAuthenticator plugins are free to scribble on the 'identity' mapping
passed to authenticate, which should mean that you can avoid registering
a metadata plugin at all. You could also add information to the
'environ' directly, if need be.
Tres.
- --
===
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software Excellence by Designhttp://palladion.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJ7Jr3+gerLs4ltQ4RAkvGAJ9ngLB+3NY1L+jJf7k0EQqjxHTLLQCgpb+c
4P3FrfhApF0mRD1h9Xqn8Ro=
=2qYk
-END PGP SIGNATURE-
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev
