On May 10, 2014, at 8:30 PM, Cédric Krier <cedric.kr...@b2ck.com> wrote:
> On 10 May 19:06, Sharoon Thomas wrote: >> Hello folks, >> >> We have released version 0.1 of Tryton Restful [1], a simple wsgi app that >> allows you to use your favorite rest/http clients to talk to Tryton models. > > I don't understand why not re-use flask-tryton [1] nor a flask > authentication plugin like flask-login [2]. I had tried using flask-tryton and the primary issue with it it’s dependence on a single database. The transaction decorator in flask-tryton was the most motivating reason to use it and the design of transaction decorator in tryton restful is based on that. Flask-Login is an overkill for the situation because: 1. tryton restful has no session (cookie) support. It requires ir.session id to be sent on every request just as the tryton client would do. Flask-Login is heavily designed around sessions (nereid uses this). 2. In addition this requires a User object which implements the User Mixin [1] for current_use local proxy to work. While, tryton-restful only needs the ID of the currently logged in user. 3. There is no login_view etc. which a regular browser based app would need and flask-login is designed for. > Also I see you are using jsonify, how do you deal with tryton data > type that are not jsonable like date time? Updated the code to use the tryton encoder and decoder. Do you plan on making the javascript version of tryton json encode/decoder available as a separate library ? > I think it will be better for security to cast record_id to int. Fixed. Thanks for your feedback. [1] http://flask-login.readthedocs.org/en/latest/#your-user-class Sharoon Thomas CEO & Chief Software Architect Openlabs Technologies & Consulting (P) Limited w: http://www.openlabs.co.in m: +1 813.793.6736 (OPEN) Extn. 200 t: @sharoonthomas - We win when our customers win
signature.asc
Description: Message signed with OpenPGP using GPGMail