[Twisted-web] HTTP-AUTH for web2 / Kudos on web2's operation
James Y Knight
foom at fuhm.net
Wed Nov 16 09:11:49 MST 2005
On Nov 16, 2005, at 4:34 AM, glyph at divmod.com wrote:
> On Tue, 15 Nov 2005 23:05:09 -0500, "Clark C. Evans"
> <cce at clarkevans.com> wrote:
>> 1. It would be delightful if WebContext had a request()
>> helper method that did the appropriate adaptation
>> to an IRequest
> It would be even nicer if WebContext went away entirely, since the
> only thing anyone ever does with it is retrieve the request.
I think I agree that it should be removed from web2, as its nesting
features are pretty much not necessary, and that accounts for most of
the complexity. The only concern I have is of where users will store
per-request data (what to replace it with). In twisted.web, Request
was a Componentized. In Nevow, they currently have ctx. If you remove
both these possibilities, what then? JP argues that users should not
store per-request data associated with the request, but rather,
somewhere else handwavy depending on the circumstances. I don't know
that I believe him.
I think of something like parsing user authentication information at
a high level up in the resource tree and making it available to a
Resource low in the tree. It is fairly clearly a per-request bit of
state which may be useful to a some subset of the pages, and as such
seems like it should be attached to the Request. Just going and
adding random attributes onto Request is not nice thing to do, so
I'll pretend I didn't just consider it. But it really seems like some
designated storage spot for extra data is necessary.
More information about the Twisted-web