Making login form more user-friendly

7 views
Skip to first unread message

Ksenia

unread,
May 23, 2008, 6:48:02 AM5/23/08
to AuthKit
Hi,

I am using the following setup:
authkit.form.template.file = %(here)s/xxxxx/templates/login.mak
authkit.form.authenticate.user.type = xxxxx.auth.RoundupUsers

It works great, but I would like to make login form more user-
friendly:

- when login is invalid, display some notification, like "invalid
username / password, please try again"
- add checkbox "remember me"

Am I correct, that the only way for such customization is to use
"forward" authentication? If so, does it mean that I no longer can use
authkit.form.authenticate.user.type variabele, but have to query my
RoundupUsers class myself?

Thanks!

Ksenia.



Alen Ribic

unread,
Jun 3, 2008, 1:52:41 PM6/3/08
to AuthKit
> It works great, but I would like to make login form more user-
> friendly:
>
> - when login is invalid, display some notification, like "invalid
> username / password, please try again"
> - add checkbox "remember me"

I have the same problem. Does anyone have a solution as to how I can
send a message to user if username/password is incorrect?
Surely this should be trivial and very common task when doing form-
based auth.

-Alen

Mark Mitchell

unread,
Sep 3, 2008, 10:21:57 PM9/3/08
to Alen Ribic, AuthKit, Mark Mitchell
Did you ever find a solution to this issue?

From a cursory look at the source, it looks like form.py needs to be
modified in order for us to get this behavior.

http://authkit.org/trac/browser/AuthKit/trunk/authkit/authenticate/form.py

82 password = formvars.get('password')
83 if username and password:
84 if self.authfunc(environ, username, password):
85 log.debug("Username and password authenticated
successfully")
86 environ['AUTH_TYPE'] = 'form'
87 environ['REMOTE_USER'] = username
88 environ['REQUEST_METHOD'] = 'GET'
89 environ['CONTENT_LENGTH'] = ''
90 environ['CONTENT_TYPE'] = ''
91 del environ['paste.parsed_formvars']
92 return self.on_authorized(environ, start_response)
93 else:
94 log.debug("Username and password authentication
failed")
95 else:
96 log.debug("Either username or password missing")

The rendering template (or cached string I should say) doesn't ever
have the chance to be modified. Is this a good place to potentially
patch form.py to add this behavior? (maybe either another template,
one for if the login attempt has failed, or maybe making the template
rendering of the login page more dynamic, and passing it whether or
not the login attempt succeeded.

Any ideas? I'm new to AuthKit and it looks like most people solve
these issues by using the forward authenticator. Is this the road to
go down? I didn't look into it too much b/c it seemed like writing my
own handlers etc. loses a lot of the advantage of using a toolkit like
AuthKit in the first place (if I'm rolling my own why not keep it even
simpler...)

Thanks,

-Mark

Matt Feifarek

unread,
Sep 13, 2008, 6:21:25 PM9/13/08
to aut...@googlegroups.com
Mark, did you find a way to use your own form yet?

I'm stuck, too. The various Wiki examples and such that are out there don't even use the same config syntax.

Mark Mitchell

unread,
Sep 17, 2008, 1:16:05 PM9/17/08
to AuthKit
Matt,

I ended up modifying the latest AuthKit from SVN for making form based
authentication more user friendly with an error message if the user
types an incorrect username or password.

I uploaded the EGG file and the patch to forms.py to the AuthKit
group, try it out if you like. I'm also going to respond to your
other question of config sytax / customizing the login form (and now
the new error form).

-Mark
> >http://authkit.org/trac/browser/AuthKit/trunk/authkit/authenticate/fo...
Reply all
Reply to author
Forward
0 new messages