Lee Connell wrote:
Also, the login controller is still called when the user attempts to authenticate, it just redirects it to in this case /verify_login if the authentication is successful, otherwise it reports the authentication error message to the login.kid template?
Not quite. Yes, the login controller is called. But remember (if you followed the recipe), the login form in the kid template _always_ points to /verify_login. So, the new progression goes something like this. - unauthorized user requests to go to /secret protected url - Identity intercepts the request, and sees that the user is not authorized - User is internally redirected to /login controller, which displays a form with a target of /verify_login. Browser url still shows /secret - User inputs credentials, and submits them to /verify_login controller - Identity intercepts the request, and (possibly) authenticates the user. - In verify_login, we really just check if the user just logged in. If they did, we do our special stuff. Regardless, the next step is to - verify_login forwards the request to /secret. If the user is authorized, they will see the /secret page. If not, they will start over at step 1 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
