tags:

views:

199

answers:

1
Q: 

Handle incorrect user/password repoze.who gracefully in Python/Pylons

im using FriendlyFormPlugin, but would like to retrieve the username that was input as part of the request.params, but its no longer there when i check. this way i can set the default for username if the password is incorrect. thanks

+1  A: 

I think what you need to do is to setup a post login handler action when you setup the middleware. In that action you can then check params, set a session var, etc. I had to hook into here in order to create a message to the user that their login had failed. I check for a 'login_failed' param on the login form. 

    def post_login(self):
    """ Handle logic post a user's login

    I want to create a login_handler that's redirected to after login. This would
    check 

    - if user was logged in, if not then send back to login
    - if user is admin, go to job list
    - adjust the max age on the existing cookie to XX remember me timeframe

    """
    if auth.check(not_anonymous()):
        log.debug('checked auth')
    else:
        # login failed, redirect back to login
        log.debug('failed auth')
        redirect_to(controller="root", action="login", login_failed=True)

    # expire this cookie into the future
    ck = request.cookies['authtkt']
    response.set_cookie('authtkt', ck,
            max_age=60*60*24*7,
            path='/'
    )

    redirect_to(controller="job", action="list")

In response for more details, too big to add as another comment:

So I've got a few things you can look at. First, this is my docs I'm writing as a repoze 'summary' to help explain to other devs how this stuff works/terminology used:

http://72.14.191.199/docs/morpylons/auth_overview.html

I started out using the repoze sql quickstart plugin: http://code.gustavonarea.net/repoze.what-quickstart/

I then ripped out their setup_sql_auth and modified it for our own needs since we do both SQL and LDAP auth in our apps. Go make sure to look at the plugin source for setup_sql_auth and go through it until you really understand what it's doing.

and since you asked on middleware config...

  app = setup_morpace_auth(app, User, Group, Permission, meta.Session,
                      post_login_url='/root/post_login',
                      post_logout_url='/login',
                      log_level='debug',
                      log_file='stdout'
                      )
Rick  2010-04-17 00:07:29
can u show how to handle it in middleware.py in python? im new
Timmy  2010-04-17 22:07:57
Ok, updated the answer to include more notes/details on setting it up.
Rick  2010-04-18 14:32:41
thanks, will do!
Timmy  2010-04-18 17:15:09

related questions

Programmatically talking to a Serial Port in OS X or Linux
Best ways to teach a beginner to program?
Calling a Function From a String With the Function's Name in Python
An executable Python app
Text Editor For Linux (Besides Vi)?
What Hosting Service is best for Django applications?
File size differences after copying a file to a server vía FTP
Python: what is the difference between (1,2,3) and [1,2,3], and when should I use each?
Python: What OS am I running on?
How do I make a menu in python that does not require the user to press (enter) to make a selection?
How do you express binary literals in Python?
What is the most efficient graph data structure in Python?
Adding a Method to an Existing Object
How to learn Python: Good Example Code?
How do I use Python's itertools.groupby()?
Python and MySQL
Class views in Django
Is there an IDE that provides code completion for Python
Using 'in' to match an attribute of Python objects in an array
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Continuous Integration System for a Python Codebase
Get a preview jpeg of a pdf on windows?
How can I find the full path to a font from its display name on a Mac?
XML Processing in Python