Pyramid, authentication and "userid"

[Sergei Stolyarov]

Hello.

In the pyramid.authentication.SessionAuthenticationPolicy (or
AuthTktAuthenticationPolicy) class description there is constructor
argument ``callback``. One of ``callback`` arguments is `userid`.

What exactly `userid` is? As I've found from the sources, it's a value
that passed to pyramid.security.remember, but in that method argument
is named "principal".

Moreover, I can pass to pyramid.security.remember not string but
object (sqlalchemy model for example) and everything is working just
fine (stored in the session).

So maybe developers should rename "userid" to "principal"?

And another question. What's the recommended way to store sqlalchemy
model instance in the session that represents current user? I don't
want to query database every HTTP request to obtain "user" object by
it's uid stored as ``principal`` value.

--
Sergei Stolyarov

[Chris McDonough]

Sorry, all three of these messages were held for moderation and I
approved all three. I have no idea why the pylons maillist holds
anything for moderation, it's not configured to, but haven't had time to
figure out why.

- C

[Jason]

I used this guide for making request.user return the user object:

https://docs.pylonsproject.org/projects/pyramid_cookbook/dev/authentication.html

[Jason]

Actually I misunderstood your post, but perhaps you could use a similar pattern for saving it in the session instead of the request?

[Sergei Stolyarov]

Thanks, I've already read that, it looks really complicated for me,
I'm trying to write something simple using already existing classes
from pyramid (SessionAuthenticationPolicy etc).

On Fri, Aug 12, 2011 at 1:38 AM, Jason <ja...@deadtreepages.com> wrote:
> Actually I misunderstood your post, but perhaps you could use a similar
> pattern for saving it in the session instead of the request?

--
Sergei Stolyarov