Hi GUstavo, Gustavo Narea wrote: > Hello, everybody. > > I've tried to implement the @require decorator into TG with this code: > http://paste.turbogears.org/paste/13386 > > However, that HTTPUnauthorized exception is not handled neither by TurboGears > nor repoze.who and I'm sure it's because I'm missing something -- but what? > IIRC, webob.exc.HTTPException (which HTTPUnauthorized inherits from) was converted into a response with the appropiate status code by PylonsController, let me see... here:
http://pylonshq.com/project/pylonshq/browser/pylons/controllers/core.py#L94 So I believe that you/repoze.who/someone should not be trying to catch an exception but check the response's status code to see if it's a 401 and in that case tell repoze.who to perform authentication. This is how I do it in twWebSite in case it serves you: http://toscawidgets.org/trac/twWebSite/browser/twwebsite/lib/auth_middleware.py#L45 As you can see, what that code does is make an internal redirect to the siging url when it sees that the response has a 401 status code. I'm using webob for API niceness but it should be doable in plain WSGI to make it framework neutral... Perhaps repoze.who already does something similar? Alberto --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
