[Seaside] How can I access the authenticated user of a request?
Ian Prince
ian at inextenso.com
Tue Oct 28 11:29:12 CET 2003
Thanks for the quick reply, Avi.
I think there might be some confusion - I actually have
authentification working (I have written a subclass of
WAControllerSession with method authenticateUser:password).
Where I am stuck is how to find out (access) the username on post
basic-authentification requests.
In Zope/DTML this would be (from memory) <dtml-var
"REQUEST['AUTHENTICATED_USER']"> which returns a user object.
Thanks,
Ian.
On Mardi, oct 28, 2003, at 11:02 Europe/Zurich, Avi Bryant wrote:
> Ian Prince wrote:
>
>> For a small application I am building for a client (FWIW: a
>> directory/file browser with access control based on the
>> user/password), I need to access the "authenticated user" part of a
>> request.
>>
>> WARequest>>user seems to be what I want but how do I access the
>> request?
>
> Rather than accessing the request directly, I would use
> WASession>>basicAuthentication:do: . This takes two blocks:
>
> - the first is a two parameter block, which will get passed a username
> and password. You need to return true or false, depending on whether
> authentication succeeds. You can also take this opportunity to store
> the username.
>
> - the second is a zero parameter block. It is the scope within which
> authentication is used - any pages that are shown while evaluating
> that block will require authentication.
>
> So, you might have a front page with a login link that invokes a
> method like this:
>
> login
> self session
> basicAuthentication: [:user :pass | self authenticateUser: user
> password: pass]
> do: [self call: (AuthenticatedPage new)]
>
> _______________________________________________
> Seaside mailing list
> Seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/listinfo/seaside
>
More information about the Seaside
mailing list