User logged in after confirming email

1 view
Skip to first unread message

Andrej

unread,
May 18, 2007, 10:02:29 PM5/18/07
to tg-registration
Hello,

How would one go about having the user be logged in after verifying
the email link? Got to put "identity.set_current_identity(userobject)"
somewhere in the validate_new_user method?

Thank you,
Andrej

Message has been deleted
Message has been deleted

Patrick Lewis

unread,
May 19, 2007, 12:58:37 PM5/19/07
to tg-registration

Oh, no, that would be far too easy, wouldn't it? Unfortunately, this
is a bit of a pain to do. set_current_identity will work only for
this request; on the next request, the user will be unauthenticated
again. What you need to do is associate the visit with an identity in
the database in addition to set_current_identity. If you have hashed
user passwords (i.e. you've defined an encryption algorithm for
identity to use in your config file), it is more troublesome than it
should be. For example (untested):

# 'userobj' is assumed to be an existing user object
# sqlalchemy code

ident = identity.current_provider.authenticated_identity(userobj)
key = visit.current().key
ident.visit_key = key
identity.set_current_identity(ident)
vi = session.query(VisitIdentity).selectfirst(
VisitIdentity.c.visit_key==key)
if vi is None:
vi = VisitIdentity(visit_key=key, user_id=userobj.user_id)
session.save(vi)
else:
vi.user_id = userobj.user_id

code generally swiped from:
http://groups.google.com/group/turbogears/msg/bb1d45c65311e33e

If your passwords aren't hashed, then it's a lot easier:

# validate_identity does the visit/identity association for you
ident = identity.current_provider.validate_identity(
userobj.username,
userobj.password,
cherrypy.request.tg_visit.key)
identity.set_current_identity(ident)

As to where this goes, yes you are right, it should go in the
validate_new_user controller.


Andrej

unread,
May 20, 2007, 12:44:04 PM5/20/07
to tg-registration
Patrick,

Thank you for your reply. I looked at the validate_new_user, but could
not figure out where to put the code. I tried line 120, but that
didn't work. I don't really understand what's happening. Can you
please give me a hint where to put it? I'm using plain text passwords
(my site doesn't have any crazy personal info)

Thank you,
Andrej

Patrick Lewis

unread,
May 20, 2007, 9:10:30 PM5/20/07
to tg-registration
This validate_new_user works for me (automatically logs in the user):

http://paste.turbogears.org/paste/1304

The project is using sqlalchemy. I think it should be the same for
sqlobject, but I didn't check.

Andrej

unread,
May 20, 2007, 9:48:35 PM5/20/07
to tg-registration
Thank so much! That did the trick, works great with SO.


Reply all
Reply to author
Forward
0 new messages