Custom tool: where is session?
21 views
Skip to first unread message
Yosifov Pavel
Nov 23, 2009, 10:25:33 AM11/23/09
to cherrypy-users
I use basic_auth. But I need some way to save the additional info
about logged user in session. How to do it? Does exists way to
"listen" successfull authentification with 'basic_auth' ? I can't find
something like this.
So, I try to write own, custom 'basic_auth':
def my_basic_auth(realm, users, encrypt=None):
cherrypy.session["ur"] = None
if cherrypy.lib.auth.check_auth(users, encrypt, realm):
# Authentication is successfull
... GET ADDITIONAL INFO ABOUT LOGGED USER
(cherrypy.request.login)...
cherrypy.session["ur"] = r # AND SAVE TO SESSION
else:
# Authentication error/cancel
cherrypy.request.login = False
cherrypy.response.headers['www-authenticate'] =
cherrypy.lib.httpauth.basicAuth(realm)
raise cherrypy.HTTPError(401, "You are not authorized to
access that resource")
I use config:
...
[/]
tools.sessions.on = True
[/some_page]
tools.my_basic_auth.on = True
tools.my_basic_auth.realm = "us"
tools.my_basic_auth.users = usrdb("us")
tools.my_basic_auth.encrypt = encpswd
But I get error:
...
cherrypy.session["ur"] = None
AttributeError: 'module' object has no attribute 'session'
Seems like no session when my_basic_auth() is called. Or something
else?
==
Best,
Yosifov P.
about logged user in session. How to do it? Does exists way to
"listen" successfull authentification with 'basic_auth' ? I can't find
something like this.
So, I try to write own, custom 'basic_auth':
def my_basic_auth(realm, users, encrypt=None):
cherrypy.session["ur"] = None
if cherrypy.lib.auth.check_auth(users, encrypt, realm):
# Authentication is successfull
... GET ADDITIONAL INFO ABOUT LOGGED USER
(cherrypy.request.login)...
cherrypy.session["ur"] = r # AND SAVE TO SESSION
else:
# Authentication error/cancel
cherrypy.request.login = False
cherrypy.response.headers['www-authenticate'] =
cherrypy.lib.httpauth.basicAuth(realm)
raise cherrypy.HTTPError(401, "You are not authorized to
access that resource")
I use config:
...
[/]
tools.sessions.on = True
[/some_page]
tools.my_basic_auth.on = True
tools.my_basic_auth.realm = "us"
tools.my_basic_auth.users = usrdb("us")
tools.my_basic_auth.encrypt = encpswd
But I get error:
...
cherrypy.session["ur"] = None
AttributeError: 'module' object has no attribute 'session'
Seems like no session when my_basic_auth() is called. Or something
else?
==
Best,
Yosifov P.
João Pinto
Nov 23, 2009, 11:40:20 AM11/23/09
to cherryp...@googlegroups.com
Hello,
I believe you need to set the storage related parameters, I am using the following:
cherrypy.config.update({'tools.sessions.on': True \
, 'tools.sessions.storage_type': "file" \
, 'tools.sessions.storage_path': "/tmp/cherrypy_sessions_" + app_name \
, 'tools.sessions.timeout': 60 \
})
Best regards
--
João Pinto
IRC: joaopinto @ irc.freenode.net
Jabber ID: lamego...@gmail.com
GetDeb Team Leader - http://www.getdeb.net
I believe you need to set the storage related parameters, I am using the following:
cherrypy.config.update({'tools.sessions.on': True \
, 'tools.sessions.storage_type': "file" \
, 'tools.sessions.storage_path': "/tmp/cherrypy_sessions_" + app_name \
, 'tools.sessions.timeout': 60 \
})
Best regards
2009/11/23 Yosifov Pavel <aqu...@gmail.com>
--
You received this message because you are subscribed to the Google Groups "cherrypy-users" group.
To post to this group, send email to cherryp...@googlegroups.com.
To unsubscribe from this group, send email to cherrypy-user...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/cherrypy-users?hl=.
--
João Pinto
IRC: joaopinto @ irc.freenode.net
Jabber ID: lamego...@gmail.com
GetDeb Team Leader - http://www.getdeb.net
Yosifov Pavel
Nov 23, 2009, 12:34:30 PM11/23/09
to cherrypy-users
On 23 ноя, 22:40, João Pinto <lamego.pi...@gmail.com> wrote:
> Hello,
> I believe you need to set the storage related parameters, I am using the
> following:
>
> cherrypy.config.update({'tools.sessions.on': True \
> , 'tools.sessions.storage_type': "file" \
> , 'tools.sessions.storage_path': "/tmp/cherrypy_sessions_" +
> app_name \
> , 'tools.sessions.timeout': 60 \
>
> })
I have add this.
> Hello,
> I believe you need to set the storage related parameters, I am using the
> following:
>
> cherrypy.config.update({'tools.sessions.on': True \
> , 'tools.sessions.storage_type': "file" \
> , 'tools.sessions.storage_path': "/tmp/cherrypy_sessions_" +
> app_name \
> , 'tools.sessions.timeout': 60 \
>
> })
But I get: the same error.
So, not "module", but "_Serving". May be, is there some way to
"listen" CP's tools' events, for example when "basic_auth" is done
(logged user)?
==
Best,
Yosifov P.
João Pinto
Nov 23, 2009, 12:50:29 PM11/23/09
to cherryp...@googlegroups.com
Have you checked the tools priority ?
Your auth tool must have an higher priority to make sure it's called after the session tool.
Your auth tool must have an higher priority to make sure it's called after the session tool.
2009/11/23 Yosifov Pavel <aqu...@gmail.com>
==
Best,
Yosifov P.
--
You received this message because you are subscribed to the Google Groups "cherrypy-users" group.
To post to this group, send email to cherryp...@googlegroups.com.
To unsubscribe from this group, send email to cherrypy-user...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/cherrypy-users?hl=.
Yosifov Pavel
Nov 23, 2009, 10:47:03 PM11/23/09
to cherrypy-users
On 23 ноя, 23:50, João Pinto <lamego.pi...@gmail.com> wrote:
> Have you checked the tools priority ?
> Your auth tool must have an higher priority to make sure it's called after
> the session tool.
>
again:
if __name__ == '__main__':
import os.path
thisdir = os.path.dirname(__file__)
cherrypy.tools.my_basic_auth = cherrypy.Tool('on_start_resource',
my_basic_auth, priority=100)
cherrypy.quickstart(root, "/", config=os.path.join(thisdir,
"site.conf"))
==
Best,
Yosifov P.
Yosifov Pavel
Nov 23, 2009, 11:46:27 PM11/23/09
to cherrypy-users
Hmm. Now I'm trying:
cherrypy.tools.my_basic_auth = cherrypy.Tool
("before_request_body", my_basic_auth, priority=100)
with "before_request_body" and priority 100 to move call AFTER session
and this works. How much is this correct?
But my 2nd question is: does CP have some "listeners/events" subsystem
like Django? Or instead this CP has fixed "code points" like
("on_start_resource", "before_request_body"...) and is possible only
to attach own tool to some of these points?
So, no way to wait for end-of-work of "basic_auth" tool?
PS. I'm agree with CP way with "fixed points" - it seems more
efficient
==
Best,
Yosifov P.
cherrypy.tools.my_basic_auth = cherrypy.Tool
("before_request_body", my_basic_auth, priority=100)
with "before_request_body" and priority 100 to move call AFTER session
and this works. How much is this correct?
But my 2nd question is: does CP have some "listeners/events" subsystem
like Django? Or instead this CP has fixed "code points" like
("on_start_resource", "before_request_body"...) and is possible only
to attach own tool to some of these points?
So, no way to wait for end-of-work of "basic_auth" tool?
PS. I'm agree with CP way with "fixed points" - it seems more
efficient
==
Best,
Yosifov P.
João Pinto
Nov 24, 2009, 1:50:06 AM11/24/09
to cherryp...@googlegroups.com
Hello Yosifov Pavel,
if it works from before_request_body it means the session tool uses the "before_request_body" hook and not the "on_start_resource". It should be safe.
Take a look at http://www.cherrypy.org/wiki/RequestObject
As far I understood CP uses fixed points, I am not sure I understood your "end-of-work" requirement, if you need to have chain tools you use the priority value.
Yosifov Pavel
Nov 24, 2009, 4:01:42 AM11/24/09
to cherrypy-users
Thanks a lot!
==
Cheers,
Yosifov P.
==
Cheers,
Yosifov P.
Reply all
Reply to author
Forward
0 new messages