Rune Hansen wrote:
>
> On 9. okt. 2006, at 18.29, Steve Holden wrote:
>
>
>>I've just spent half a day stumbling around looking for the most
>>sensible way to allow realm-based HTTP basic authentication inside
>>a TG
>>application, and I have to say I'm none the wiser.
>>
>>Can anyone point me at a succinct discussion of this topic, or a
>>recipe
>>for providing this feature?
>>
>
> Hi Steve,
> Been a while since I've looked at the identity code so there might be
> a more "stright forward" way than mine.
> But, this works.
>
> @expose(template="yourapp.templates.login")
> def login(self, forward_url=None, previous_url=None, *args, **kw):
> if not identity.current.anonymous and
> identity.was_login_attempted() and not identity.get_identity_errors():
> raise redirect(forward_url)
> forward_url=None
> previous_url= cherrypy.request.path
> if not cherrypy.request.headers.get("Authorization",False):
> msg= _("BasicAuth required")
> previous_url= cherrypy.request.path
> cherrypy.response.headers['WWW-Authenticate'] = 'Basic
> realm="Your restricted area"'
> cherrypy.response.status=401
> else:
> if identity.was_login_attempted():
> msg=_("The credentials you supplied were not correct
> or "
> "did not grant access to this resource.")
> elif identity.get_identity_errors():
> msg=_("You must provide your credentials before
> accessing "
> "this resource.")
> else:
> msg=_("Please log in.")
> forward_url= cherrypy.request.headers.get("Referer",
> "/")
> cherrypy.response.status=403
> return dict(message=msg, previous_url=previous_url,
> logging_in=True,
> original_parameters=cherrypy.request.params,
> forward_url=forward_url)
>
> Auth will "fall back" to normal login in case BasicAuth fails. You
> could of course just raise 401 again.
>
>
Thanks, Rune, that looks like enough to get me started. Man, there's a
lot to learn to get TG going, isn't there ...
regards
Steve
--
Steve Holden +44 150 684 7255 +1 800 494 3119
Holden Web LLC/Ltd http://www.holdenweb.com
Skype: holdenweb http://holdenweb.blogspot.com
Recent Ramblings http://del.icio.us/steve.holden
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---