[albatross-users] login integration challenges again
Michael C. Neel
neel at mediapulse.com
Thu Sep 25 04:44:44 EST 2003
This is of cource my preference, but I don't think doing authencation
inside of albatross is the way to go. Rather wrap the auth code around
the albatross app. Since I'm using mod_python, this is farily easy - I
just define a auth handler for apache. If the auth handler fails, the
content handler (albatross) is never called.
I don't think this would be too much trouble in a cgi app; just before
you start up the albatross code, preform the needed login/premisson
checks.
Once we passed the auth code, I pass into the albatross request object
any auth data it might need, like such:
myReq = Request(req)
myReq.username = username
return app.run(myReq)
and then access these members though ctx.request (i.e.
ctx.request.username).
I've found this to work well no matter the auth scheme (http-auth,
cookie, even referer).
Mike
> -----Original Message-----
> From: Eric S. Johansson [mailto:esj at harvee.org]
> Sent: Wednesday, September 24, 2003 2:09 PM
> To: albatross-users
> Subject: [albatross-users] login integration challenges again
>
>
> I started trying to integrate the login code into one of my
> applications and I
> discovered a few things that show me it is time to learn more
> about albatross.
>
> The working model for albatross use was the single file for
> all methods and
> functions plus the glue code for activating albatross. The
> working model broke
> out the code in the following fashion:
>
> Includes
> independent functions
> classes
> albatross glue class with methods
> page_enter
> page_process
> page_display
> and last, glue code
> instance of SimpleApp
> register page (binding glue class to albatross)
> then run (request())
>
> Granted, many of the features around the glue code still
> escape me and I take
> the simpleminded view that page_enter is used to create
> initial values,
> page_process is used to perform work based on a button push
> and set up data for
> use during page_display. Page_display is used for any
> calculations necessary
> for page display independent of whether or not page
> page_display has run.
>
> Adding login semantics to this style of coding doesn't work
> well. For example,
> page_enter would use some form of login object instantiation
> and then storing
> that object as part of context.locals. Next during
> page_process the first thing
> one must do is validate that someone is logged in and a token
> is valid. If not
> control passes to a login page, potentially preserving the
> current state of the
> submit. Same thing is true for page_display because someone
> may just access the
> page for data display. Unfortunately, I do not remember if
> page_process
> executes every time you access the page or not.
>
> Conceptually, the big problem is the redirecting control to a
> login page and
> then picking up again from where you left off.
>
> So, is there any way to embed my login capabilities into
> albatross so that I can
> minimize the amount of work a user needs to remember to do in
> order to get
> authentication working with their application? Ideally, the
> most they should
> have to do would be to define a login authentication instance
> in the page_enter
> section and everything else should happen automatically and invisibly.
>
> I don't think I'm too far off base on usability model, I just
> need to know how
> to integrate with albatross better (I think)
>
> Suggestions? Ideas?
>
> ---eric
>
>
> _______________________________________________
> Albatross-users mailing list
> Albatross-users at object-craft.com.au
> https://www.object-craft.com.au/cgi-bin/mailman/listinfo/albat
ross-users
More information about the Albatross-users
mailing list