No-one seemed to object to my suggested changes to
LoginUser/LogoutUser to make them work "out of the box" on a templated
setup, so I've gone ahead and committed them. They shouldn't affect the
behaviour of Turbine for anyone's existing app, they just make it easier
to set up a secure template-based app from scratch.
The changes are:
1) If "template.login" is set then its value overrides "screen.login"
(i.e. screen.login is ignored) when LoginUser hits an invalid login
attempt.
2) A property "action.logout" has been added. If this is set, then that
action gets performed before the session validator runs (as is currently
the case with "action.login").
3) LogoutUser now checks to see if "action.logout" is LogoutUser - if so
it skips the setting the screen to "screen.homepage" step. I would
rather have removed this code altogether, but this would risk breaking
people's existing apps who are relying on LogoutUser doing this.
What this means is that in order to have a template-based app require
login before use you need to:
A) Make sure "template.login" is set and points to a login template.
B) Make sure "action.sessionvalidator" is set to
"sessionvalidator.TemplateSecureSessionValidator"
and that's all!
(which should make putting a sample login app in the TDK a lot easier -
Martin, were you working on that? and Jason, perhaps as you integrate
Flux into the TDK you could ensure that it uses this method of
implementing Login so that it provides a good example of the easy way of
doing it :-) )
--
Sean Legassick
[EMAIL PROTECTED]
Jag är en man, ingenting mänskligt är främmande för mig
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
