Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
pylons-discuss
Message from discussion Problems with AuthKit (was: Django or Pylons - comparison details)

View parsed - Show only message text

MIME-Version: 1.0
Received: by 10.100.33.4 with SMTP id g4mr119646ang.22.1228928755577; Wed, 10 
	Dec 2008 09:05:55 -0800 (PST)
Date: Wed, 10 Dec 2008 09:05:55 -0800 (PST)
In-Reply-To: <65d594640812080640h3c3cd069p45a4f8f914e374ac@mail.gmail.com>
X-IP: 84.9.43.145
References: <65d594640812080640h3c3cd069p45a4f8f914e374ac@mail.gmail.com>
User-Agent: G2/1.0
X-HTTP-UserAgent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.9.0.1) 
	Gecko/2008072820 Firefox/3.0.1,gzip(gfe),gzip(gfe)
Message-ID: <24edcf5c-8ae6-4d53-8c1d-35b52f1982a9@w24g2000prd.googlegroups.com>
Subject: Re: Problems with AuthKit (was: Django or Pylons - comparison 
	details)
From: James Gardner <ja...@pythonweb.org>
To: pylons-discuss <pylons-discuss@googlegroups.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hi Raul,

Just to add to what Dalius has said...

> > a) the author or authkit is never around

I am occasionally ;-)

> > b) authkit is way over complicated

Agreed, but authentication and authorisation *is* complicated and
there are lots of different use cases.

> > c) autukit sucks in other ways
> > d) all of the above.

???

> This is unfortunately very true. I looked at AuthKit for possible
> inclusion in a project of mine, but it's complicated in areas it
> doesn't need to be, very basic in other areas, and not very flexible.
> In the end I wrote my own authorisation and authentication system.

AuthKit tries to be a flexible basis for your own system. Sometimes it
is easier to create your own system than to base it on AuthKit, I
don't have a problem with that.

> These are the things I wanted in my auth+auth system:
> - Customisable table names
> - Users, Roles and Permissions
> - Hide/show menu items pulled from the DB, based on permissions
> - Enable/disable links, based on permissions
> - Hide/show sections of pages, based on permissions
> - User access to pages/methods, based on permissions
> - Fairly simple access checking

AuthKit can help with all these things apart from Customisable table
names but it doesn't provide a GUI admin system which seems to be what
you are after?

> I haven't gotten the "access to pages/methods" going yet (not 100%
> sure how to implement it yet), but I have the rest of the stuff
> working.
>
> Some of the reasons why I couldn't use AuthKit:
> - Users/Groups far too limited (no "permissions")
> - No way to show/hide page elements based on permissions
> - No way to show/hide menu items pulled from the DB based on permissions
> - Too rigid

That's not really true is it? Have you seen this:
http://authkit.org/svn/AuthKit/trunk/authkit/permissions.py

There are permissions for all sorts of things to do with roles,
groups, IP addresses, time of day etc etc. The permissions system is
designed in such a way that you can create your own permissions too if
the defaults don't fit your needs.

% if authorized(RemoteUser()):
    <a href="/signed_in">Click here</a>.
% else:
    <a href="/not_signed_in">Click here</a>.

Good luck with your implementation anyway.

Cheers,

James

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google