[Twisted-web] newbiew question
Maarten ter Huurne
maarten at treewalker.org
Tue Jul 22 23:26:56 EDT 2008
On Wednesday 23 July 2008, arun chhetri wrote:
> class Calendar(resource.Resource):
> def __init__(self,user,pswd,server):
> resource.Resource.__init__(self)
> self.user = user
> self.pswd = pswd
> self.server = server
> self.putChild('month',Month(user))
>
> def render(self,request):
> return"""<p> The user is %s
> <a href=/calendar/month> The link to the month is this
> """%self.user[0]
>
> def getChild(self,path,request):
> return Month(self.user[0])
The information about the user does not belong in any Resource subclass: a
Resource is a page that can be generated for different users, so it should
only contain information that is the same for all users. Any user specific
data should be fetched via the request object.
> now if i go to http://localhost:8000/?user=arun&pswd=test&server=test
> i get this The user is arun The link to the month is
> this<http://localhost:8000/calendar/month>
> and if I click the link then I get None
One way to do it is to include the arguments in the URL for the "month"
page:
'<a href="month?user=%s&pswd=%s">this month</a>' % (user, pswd)
Having the password in every URL is neither elegant nor safe. So probably
you'll want to create a session to remember a user who has already
authenticated.
You can get a session object like this:
session = request.getSession()
You can attach custom data to a session like this:
user = User(name)
session.setComponent(IUser, user)
and fetch it later like this:
user = session.getComponent(IUser)
The IUser class is a Zope Interface, here is an example:
from zope.interface import Interface, implements
class IUser(Interface):
'''A user account.
'''
def getUserName(self):
'''Returns the name of the user account.
'''
class User(object):
implements(IUser)
def __init__(self, name):
self.__name = name
def getUserName(self):
return self.__name
The User object contains the data you want to keep per user: the user name
and maybe more. You don't have to store the password in this data object;
instead you should create this object only if the user has successfully
authenticated.
Bye,
Maarten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
Url : http://twistedmatrix.com/pipermail/twisted-web/attachments/20080723/f6f274e4/attachment.pgp
More information about the Twisted-web
mailing list