close Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Changes between Version 7 and Version 8 of AuthFramework


Ignore:
Timestamp:
Aug 6, 2008, 8:42:55 PM (13 years ago)
Author:
cmlenz
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AuthFramework

    v7 v8  
    2828
    2929The current branch defines an `AuthMixIn` class that auth-enabled applications are supposed to subclass. It adds a couple of method stubs to the `Application` class, and contributes a [wiki:RequestFilters request filter] that performs authentication.
     30
     31A concrete application would inherit from `AuthMixIn` in addition to being derived from [wiki:ApplicationObject Application], and would probably want to implement two methods for handling the domain-specific details of identifying users and controlling their access to certain actions and/or resources. For example:
     32
     33{{{
     34#!python
     35class MyApp(Application, AuthMixIn):
     36    ...
     37
     38    def authenticate(self, username, password=None):
     39        return User.find(name=username)
     40
     41    def is_authorized(self, principal, action=None, resource=None):
     42        if action:
     43            return action in principal.permissions
     44        return True
     45}}}
    3046
    3147=== Filters Refactoring ===