Squatting applications and authentication.

8 views
Skip to first unread message

Daniel Pittman

unread,
May 21, 2010, 1:13:14 AM5/21/10
to squatting...@googlegroups.com
G'day.

I am prototyping a web application using some of the "microframeworks",
including Squatting. As part of that I want to have the best chance of doing
things the right, not just the obvious, way.

One of the issues I have with Squatting, right now, is working out how best to
integrate authentication into the site: we are going to have a couple of areas
that require a login, along with a couple of unprotected areas.

As far as I can tell the best way to implement this protection uniformly
across the "admin" area — which will be a handful of different controllers, in
the current design — is to wrap the 'service' method.


That way we can ensure that we apply the right protection to the area, no
matter how many or few controllers it consists of. (Also, that we apply them
to third party applications we might mount into that space.)


Is that the best model? If so, one of the issues we face is that we will want
to redirect an unauthenticated session to the login form, which presumably
means doing that inside the 'service' method...

Daniel
--
✣ Daniel Pittman ✉ dan...@rimspace.net+61 401 155 707
♽ made with 100 percent post-consumer electrons

--
You received this message because you are subscribed to the Google Groups "squatting-framework" group.
To post to this group, send email to squatting...@googlegroups.com.
To unsubscribe from this group, send email to squatting-frame...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/squatting-framework?hl=en.

beppu

unread,
May 24, 2010, 3:39:19 AM5/24/10
to squatting-framework


On May 20, 10:13 pm, Daniel Pittman <dan...@rimspace.net> wrote:
> As far as I can tell the best way to implement this protection uniformly
> across the "admin" area — which will be a handful of different controllers, in
> the current design — is to wrap the 'service' method.
...
> Is that the best model?  If so, one of the issues we face is that we will want
> to redirect an unauthenticated session to the login form, which presumably
> means doing that inside the 'service' method...

Handling the auth check in the service method is fine, and doing
redirects inside the service method is fine, too.

--beppu
Reply all
Reply to author
Forward
0 new messages