project multiple company

23 views
Skip to first unread message

Paolo Rossi

unread,
Nov 7, 2020, 8:28:25 AM11/7/20
to TurboGears
Hi everybody
My name is Alberto and I work in a software company; we developed an interface to cics 3270 world by turbogears2 and x3270 software; all is working but now we have a big problem with authentication. we serve multiple company and out internal standard for every project in the web is www.project.it/xx/..... where xx is a code for the company. The first problem with this type of url are the sa_auth.login_url, sa_auth.logout_handler, sa_auth.post_login_url, sa_auth.post_logout_url: we need something like /xx/login, /xx/post_login etc. where xx is parametric. Same problem with sa_auth.cookie_name
, we need something like "auth_tkn_xx" and not the simple "auth_tkn" as now.
Is there a way to give this value by our code?
Sorry for my bed Englisk
Best regards
Alberto

Alessandro Molina

unread,
Nov 9, 2020, 5:34:17 AM11/9/20
to TurboGears
The FastFormPlugin which is in charge of recognising `login_url`, `logout_handler` etc does so based on the urls on the configuration. They can't be dynamic as once the plugin is configured they can't change anymore.

What you are trying to do can be done btw. But you will have to replace the challengers and identifiers (see https://turbogears.readthedocs.io/en/development/turbogears/authentication.html#advanced-customizations ) with custom versions that do the job based on the company. Probably write your own FastFormPlugin subclass ( https://github.com/TurboGears/tg2/blob/development/tg/configuration/auth/fastform.py ) to set as the challenger and identifier and maybe also your own subclass of AuthTktCookiePlugin ( https://github.com/repoze/repoze.who/blob/master/repoze/who/plugins/auth_tkt.py ) to use as an identifier and authenticator if you want to use a different cookie for each company.
 
Another simpler alternative might be to just keep the same underlying configuration for all companies but set a value in the session that remembers for which company the user is trying to authenticate every time a company website is accessed. At that point the `/login`, `/post_login` and so on urls could just redirect you to their company dedicated counterparts based on the value stored in the session.


--
You received this message because you are subscribed to the Google Groups "TurboGears" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turbogears+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/turbogears/9d0a7fdc-e9e7-4570-8343-9ac8edda9af2n%40googlegroups.com.

Paolo Rossi

unread,
Nov 9, 2020, 9:11:32 AM11/9/20
to TurboGears
Thanks
I'll try the simpler alternative.

Alberto
Reply all
Reply to author
Forward
0 new messages