Hi folks, I have a bunch of controllers in tg1 that are all using the built-in identity framework for authentication. All works well.
Now I'd like to expose some of these controllers in such a way that if a semi-random string is received as a GET parameter then that should also authenticate the user. If this "authkey" is not received in the URL then the usual identity framework should kick in. What I have in mind is something like "send link to a friend" but the friend who receives the link with the "authkey" may not have an account, so he can not log in, but I still would like to have him view the page, but only the page for which he has received the link with the "authkey" and not another one. These "authkeys" would be stored in the db and of course would be specific to each controller. And probably they would expire after a while. Does anyone have a simple solution for this? What would be the right approach? Cheers, Daniel -- Psss, psss, put it down! - http://www.cafepress.com/putitdown -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
