[albatross-users] Finding Saved Values in Sessions

Mike Barrett mike at daboyz.org
Mon Aug 19 05:19:01 EST 2002 

Cool, thank you for the fast response.  I have a question though:

What would be the best way about discovering if something is saved in the
session object?  If I look in locals for isAuthenticated, then can't someone
just provide a GET request with something like 
http://site/blah.py?isAuthenticated=1 and it will be in the locals namespace?

Also, one more question:  Is there anyway to make <al-form> use the POST
method rather than GET?

Thanks for all your help.

On Sun, Aug 18, 2002 at 07:49:28PM +1000, Dave Cole wrote:
 
> In a session based application the loading of sessions happens
> automatically.  By the time your page_enter(), page_leave(),
> page_process(), or page_display() is executed the session has been
> loaded into ctx.locals.  This means that all you really need to do is
> something like the following:
> 
>     ctx.locals.isAuthenticated = hasattr(ctx.locals, 'loginName')
> 
> >     But it doesn't seem to work.
> 
> The problem is that decode_session() does not return a decoded
> session, it decodes the session into ctx.locals and then returns None.
> 
> None should only be returned when the session does not exist.  This
> will happen either the first time that the browser accesses the
> application, or when an exception is raised in the application.  To be
> defensive, the Application run() method deletes a session if it
> catches an exception.  This prevents nasty situations where a browser
> gets trapped in an exception hole.
> 
> Try the suggestion above.
> 
> - Dave
> 
> -- 
> http://www.object-craft.com.au
> 
> _______________________________________________
> Albatross-users mailing list
> Albatross-users at object-craft.com.au
> https://www.object-craft.com.au/cgi-bin/mailman/listinfo/albatross-users

-- 
     ________________________________________________________________________
                Mike Barrett | "I used to read, now I go to raves."
             mike at daboyz.org | -- Random MUNI Rider, speaking
              www.daboyz.org |    to my friend Allison.
     ------------------------+-----------------------------------------------

More information about the Albatross-users mailing list