[albatross-users] Finding Saved Values in Sessions
Mike Barrett
mike at daboyz.org
Mon Aug 19 05:19:01 EST 2002
Cool, thank you for the fast response. I have a question though:
What would be the best way about discovering if something is saved in the
session object? If I look in locals for isAuthenticated, then can't someone
just provide a GET request with something like
http://site/blah.py?isAuthenticated=1 and it will be in the locals namespace?
Also, one more question: Is there anyway to make <al-form> use the POST
method rather than GET?
Thanks for all your help.
On Sun, Aug 18, 2002 at 07:49:28PM +1000, Dave Cole wrote:
> In a session based application the loading of sessions happens
> automatically. By the time your page_enter(), page_leave(),
> page_process(), or page_display() is executed the session has been
> loaded into ctx.locals. This means that all you really need to do is
> something like the following:
>
> ctx.locals.isAuthenticated = hasattr(ctx.locals, 'loginName')
>
> > But it doesn't seem to work.
>
> The problem is that decode_session() does not return a decoded
> session, it decodes the session into ctx.locals and then returns None.
>
> None should only be returned when the session does not exist. This
> will happen either the first time that the browser accesses the
> application, or when an exception is raised in the application. To be
> defensive, the Application run() method deletes a session if it
> catches an exception. This prevents nasty situations where a browser
> gets trapped in an exception hole.
>
> Try the suggestion above.
>
> - Dave
>
> --
> http://www.object-craft.com.au
>
> _______________________________________________
> Albatross-users mailing list
> Albatross-users at object-craft.com.au
> https://www.object-craft.com.au/cgi-bin/mailman/listinfo/albatross-users
--
________________________________________________________________________
Mike Barrett | "I used to read, now I go to raves."
mike at daboyz.org | -- Random MUNI Rider, speaking
www.daboyz.org | to my friend Allison.
------------------------+-----------------------------------------------
More information about the Albatross-users
mailing list