[Seaside] How can I access the authenticated user of a request?
Ian Prince
ian at inextenso.com
Wed Oct 29 09:35:32 CET 2003
On 29 oct. 03, at 09:08, Avi Bryant wrote:
> Ian Prince wrote:
>
>> My question: is it necessary to do so, isn't the basic authentication
>> username-password given by the browser's in the http request headers?
>> If so, how can I access them (or any other headers such as cookies)?
>
> There are several methods you could override that see the request as
> it goes past, but the request is currently never stored anywhere, so
> it's not easy to access it from arbitrary code. I'm not entirely sure
> that's a bad thing - the HTTP request is not an abstraction I want
> people to be thinking about very often, if at all, and so if there's
> anything useful in the request I'd prefer to provide some higher level
> way of getting at it. Given that, let me fire the question right back
> at you - how *should* you be able to access it?
I guess I have been spoiled/ruined by using Zope for too long. In Zope
you always have the REQUEST object available in DTML. I have no idea
how this/should this be "translated" into Seaside.
> And what would you use this access for?
In this particular case users are authenticated against a large on-disk
file of username/passwords. Once a user has an authenticated session he
or she has restricted access to the filesystem based on the username
entered.
In retrospect, nearly all the Zope applications I write have REQUEST
scattered all over the place. Of course, this is because I'm accessing
session state variables such as username, cookie this and cookie that -
which won't be necessary in my Seaside apps - so I think I see where
you are pointing to now.
OK, I'll go back to my code and store the username as an instance
variable!
Thanks for the input.
Ian.
P.S. on second thought wouldn't access to (say) request cookies be
useful for retrieving long-lasting seaside-session-independent user
preferences (e.g. retrieving an email address a user had previously
entered in a "old" seaside session).
> Avi
>
> _______________________________________________
> Seaside mailing list
> Seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/listinfo/seaside
More information about the Seaside
mailing list