I'm playing with Identity instead of my own quick concoction since I like the decorator syntax but hit a few bumps on the road.
One thing worth documenting is that there should be no /login method
exposed, the user should go directly to the /app page and if he is not
logged in, he will be internally redirected to login. Otherwise it
looks strange that you gave perfect user/password and is still in the
login page[1]. Do I even need to expose the login page? Any way to
detect that someone is logged in and that I can redirect him to the
main app page?
Another issue I have is that the current documented way means the user gets a message "['Not
member of group: user']" immediately when hitting the login screen.
That's unfortunate since the message is given even if the user is not
yet logged in at all and it makes no sense to the user to get such a
message, I'd expect something more in the line of 'not logged in yet,
please login'. And again I refer to my question above, how do I know if
a user doesn't have permissions or just didn't login yet? I'd like to
be able to give a sane message to the user.
Thanks,
Baruch
[1] For now I do something like: if cherrypy.request.path == '/user/login': raise redirect('/app')
But this is rather hacky IMO.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---
- [TurboGears] Identity issues Baruch Even
- [TurboGears] Re: Identity issues Baruch
- [TurboGears] Re: Identity issues Baruch
- [TurboGears] Re: Identity issues Patrick Lewis
