How to know if a user is logged in?
13 views
Skip to first unread message
Terrence Brannon
Oct 19, 2008, 7:21:52 AM10/19/08
to Nagare users
I have my HTML all set up. If a user is not logged in, then he is
presented with the Login | Register text so that he can login or
register:
<span meld:id="not_logged_in">
<a meld:id="login" class="bannerLink" >Login</a> |
<a meld:id="register" class="bannerLink" >Register</a>
</span>
If he is logged in, then I delete that entire span node above (how can
I do this using meld/elementree, lxml?) and instead present him with a
link to the members area.
<span meld:id="logged_in">
<a meld:id="members_area" class="bannerLink">Members Area</a>
</span>
But the question is, what support does Nagare have for cookies/user
recognition?
presented with the Login | Register text so that he can login or
register:
<span meld:id="not_logged_in">
<a meld:id="login" class="bannerLink" >Login</a> |
<a meld:id="register" class="bannerLink" >Register</a>
</span>
If he is logged in, then I delete that entire span node above (how can
I do this using meld/elementree, lxml?) and instead present him with a
link to the members area.
<span meld:id="logged_in">
<a meld:id="members_area" class="bannerLink">Members Area</a>
</span>
But the question is, what support does Nagare have for cookies/user
recognition?
apoirier
Oct 22, 2008, 12:59:25 PM10/22/08
to Nagare users
On Oct 19, 1:21 pm, Terrence Brannon <metap...@gmail.com> wrote:
> I have my HTML all set up. If a user is not logged in, then he is
> presented with the Login | Register text so that he can login or
> register:
>
> <span meld:id="not_logged_in">
> <a meld:id="login" class="bannerLink" >Login</a> |
> <a meld:id="register" class="bannerLink" >Register</a>
> </span>
>
> If he is logged in, then I delete that entire span node above (how can
> I do this using meld/elementree, lxml?)
Use the ``replace()`` method of the node:
> I have my HTML all set up. If a user is not logged in, then he is
> presented with the Login | Register text so that he can login or
> register:
>
> <span meld:id="not_logged_in">
> <a meld:id="login" class="bannerLink" >Login</a> |
> <a meld:id="register" class="bannerLink" >Register</a>
> </span>
>
> If he is logged in, then I delete that entire span node above (how can
> I do this using meld/elementree, lxml?)
tree.findmeld('not_logged_in').replace(new_tree)
> and instead present him with a
> link to the members area.
>
> <span meld:id="logged_in">
> <a meld:id="members_area" class="bannerLink">Members Area</a>
> </span>
>
> But the question is, what support does Nagare have for cookies/user
> recognition?
authentication)
with flexible security rules. But the documentation about this
security service is not yet written.
Here is a commented exemple of a form/cookie authentication, with a
``Login`` component
(you can test it with ``<NAGARE_HOME>/bin/nagare-admin serve-module ./
auth.py:App test``):
from __future__ import with_statement
from nagare import presentation, component, wsgi, security
from nagare.security import form_auth
class User(security.common.User):
"""The users of our application"""
def __init__(self, id):
self.id = id
class Authentification(form_auth.Authentification):
"""The authentication manager
The authentication manager inherits from
``form_auth.Authentification``
So, it uses the ``__ac_name`` and ``__ac_password`` parameters
to create
the user and then set an authentication cookie
"""
def get_password(self, username):
"""This method is called when Nagare needs the password of a user
In:
- ``username`` -- the user id, as received in the ``__ac_name``
parameter
Return:
- the password of this user
"""
# In this example, the password of a user is his name
return username
def _create_user(self, username):
"""This method is called when Nagare has authenticated the user and
needs to create the user object
In:
- ``username`` -- the user id (``None`` if the authentication is
invalid)
Return:
- a user object or
- ``None`` for the anonymous user
"""
# If the authentication is wrong, the user is the anonymouse user
return None if username is None else User(username)
class SecurityManager(Authentification, security.common.Rules):
"""The security manager
In this example, the application only authenticates the users
but doesn't
apply any security rules. So this class is empty.
"""
pass
class WSGIApp(wsgi.WSGIApp):
"""Our application
We set its ``security`` attribute with our SecurityManager
"""
def __init__(self, factory):
super(WSGIApp, self).__init__(factory)
self.security = SecurityManager()
#
------------------------------------------------------------------------------------
class Login:
"""
A component to log a user
"""
def logout(self):
security.get_manager().logout()
@presentation.render_for(Login)
def render(self, h, *args):
user = security.get_user() # ``user`` is ``None`` or a
``User`` instance
if user:
# The user is authenticated
h << 'Welcome ' << h.b(user.id)
h << ' ' << h.a('(logout)').action(self.logout)
else:
# Anonymous user
with h.form:
# The ``login`` and ``password`` fields must be names
``__ac_name`` and
# ``__ac_password``
h << 'Login: ' << h.input(name='__ac_name') << ' '
h << 'Password: ' << h.input(type='password',
name='__ac_password') << ' '
h << h.input(type='submit', value='ok')
h << h.i('(password == login to enter)')
return h.root
#
------------------------------------------------------------------------------------
# Our application instance. Its root component factory creates a
``Login`` component
app = WSGIApp(lambda: component.Component(Login()))
Reply all
Reply to author
Forward
0 new messages