http://www.cherrypy.org/wiki/CustomTools covers it pretty well. To run
something at the beginning of the request, use the 'on_start_resource'
hook just like the 'print_path' example does. To do user authentication,
you're probably going to be checking
cherrypy.request.headers['WWW-Authenticate'] and maybe raise
cherrypy.HTTPError(401) if they can't authenticate. See
cherrypy.lib.auth for some helper functions. Of course, if you just want
basic/digest auth, there are already builtin tools for that.
Robert Brewer
fuma...@aminus.org
Sessions are implemented with hooks and tools too, so you just have to
make sure your tool runs after session.init is called. Looks like that's
before_request_body, priority=50 by default. It can't really be any
earlier than that because it has to run after the request headers are
read and parsed. So run your tool after that; either
before_request_body, priority 75 or something, or before_handler.
You also need to lock the session while you read/write it. By default,
that happens before_handler. If you set sessions.locking = 'early' it'll
run before_request_body, priority=60. You can also set
sessions.locking='explicit' and call
cherrypy.serving.session.acquire_lock()/release_lock() on your own.
Robert Brewer
fuma...@aminus.org
http://www.cherrypy.org/wiki/BuiltinTools#tools.basic_auth and
http://www.cherrypy.org/wiki/BuiltinTools#tools.digest_auth are the two
I was talking about. Aside from those few paragraphs, the source code is
probably best...
Robert Brewer
fuma...@aminus.org