On Sun, 2009-06-28 at 10:29 +0100, Ken Corey wrote: > Hiya Branko, > > I like your new design for the logo, BTW.
Thanks. :) > I'm a web.py newbie, and thought I'd put my authorisation system out > there for comments. Might be useful to you...or I might have completely > mucked it up. <SNIPPAGE> > Finally, to login, the POST processing of the login page sets the > sess.logged_in variable appropriately (along with other useful bits of > information like account number, etc). > > Does that sound useful? Did I do it in a boneheaded way? I'll read this through 2 or 10 times. I'm so new to this topic I don't understand what you wrote all that well. Please give me some time. :P Perhaps I should have been more concrete, concrete, though. What I'm most interested in is how do I encrypt passwords and usernames, how do I store them (e.g., do I store hash(uname+loging+salt+whatever?) or just the pw) in the DB, and finally how to track the user's status. The last bit I've some vague idea about. It's not unimaginable I'd be using sessions to store the logged-in status, and clear that when user logs out, etc... >From what I've seen on the web, and perhaps your example is somewhat like it, most folks do page-based authentication. I would also like to decouple that from the GET and POST methods, and check for authentication in templates. Sort of like unlocking parts of the page. For example, I have a blog. On the index page of the blog, I also list unpublished posts. So, if I'm authenticated, I get access to those, otherwise, I only get a login link. Hope I'm making sense at least a little bit. :) -- Branko eml: [email protected] alt: [email protected] blg1: http://sudologic.blogspot.com/ blg2: http://brankovukelic.blogspot.com/ img: http://picasaweb.google.com/bg.branko twt: http://www.twitter.com/foxbunny/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web.py" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/webpy?hl=en -~----------~----~----~----~------~----~------~--~---
