Chuck Esterbrook wrote:

Those starter pages can be a bore to trudge through when starting fresh projects. If UserKit provided out of the box:
- login panel
- registration
- including optional required confirmation, or optional cancellation
- password change
- lost password (forgotten or reset)
- profile editing


We've got some of that running in something we call "UserAccountKit". It's not so focussed on the creation and modification of profiles, since we handle that on intranet pages, but it does provide the login panel, cookie-management, and methods for servlet security tests.

It's shoehorned into a servlet via a mixin inheritance deal; the idea is that SecurePage can be inherited from instead of Page.py (just like the Ww example, only more sophisticated).

It's not great, but we'd be happy to share it with the group to try and get a more general purpose Kit going.

Right now, it's basically:

- a SecurePage.py that handles state via session, and provides for the various messages related to logging in and setting cookies etc.
- User.py -- a class that is a basic framework for a User (just a container, really)
- UserValidator.py -- a class that attempts to make a User() given login information. Ours checks against a ORM database via an external class; it can be modified to check against anything


There's also a bunch of templates for making new accounts and groups and assigning permissions and stuff, but it's all based around that ORM'd accounts database, so it won't be generally useful.

One thing that we do that might be annoying for people is to expand actions() into read_actions(), write, delete... methods are thusly categorized, and thereby a user's permissions are checked before application logic runs.

FYI...



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Webware-discuss mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/webware-discuss

Reply via email to