From a cursory look at the source, it looks like form.py needs to be
modified in order for us to get this behavior.
http://authkit.org/trac/browser/AuthKit/trunk/authkit/authenticate/form.py
82 password = formvars.get('password')
83 if username and password:
84 if self.authfunc(environ, username, password):
85 log.debug("Username and password authenticated
successfully")
86 environ['AUTH_TYPE'] = 'form'
87 environ['REMOTE_USER'] = username
88 environ['REQUEST_METHOD'] = 'GET'
89 environ['CONTENT_LENGTH'] = ''
90 environ['CONTENT_TYPE'] = ''
91 del environ['paste.parsed_formvars']
92 return self.on_authorized(environ, start_response)
93 else:
94 log.debug("Username and password authentication
failed")
95 else:
96 log.debug("Either username or password missing")
The rendering template (or cached string I should say) doesn't ever
have the chance to be modified. Is this a good place to potentially
patch form.py to add this behavior? (maybe either another template,
one for if the login attempt has failed, or maybe making the template
rendering of the login page more dynamic, and passing it whether or
not the login attempt succeeded.
Any ideas? I'm new to AuthKit and it looks like most people solve
these issues by using the forward authenticator. Is this the road to
go down? I didn't look into it too much b/c it seemed like writing my
own handlers etc. loses a lot of the advantage of using a toolkit like
AuthKit in the first place (if I'm rolling my own why not keep it even
simpler...)
Thanks,
-Mark