[Twisted-web] Get access to Avatar from Resource object?
jacek99 at gmail.com
Mon Mar 5 10:19:30 EST 2012
Hm, I would prefer to avoid that.
In my case, the cost of creating a new Resource is high (since it needs to
parse all the URLs it can dispatch to for all the REST services), therefore
I would prefer to cache a single ReadOnlyResource vs AdminResource (as an
and just serve one or the other.
I guess that doesn't fit into the typical Twisted model that well :-(
Is there some sort of "post authentication" hook that I could listen to?
On Mon, Mar 5, 2012 at 10:09 AM, <exarkun at twistedmatrix.com> wrote:
> On 02:58 pm, jacek99 at gmail.com wrote:
> >Hi, I have an extra question going back to our original discussion on
> >If I serve a Resource Avatar from a Realm, is there any built-in way to
> >attach something to the request as it is being intercepted by the
> >For example, for every request I would like to create a Principal
> >(username,first name,last name, list of privileges, etc.) and attach it
> >every request that has been authenticated.
> >> From the API I see, it seems you can serve a customized Resource (and
> >is fine for simpler admin vs read-only authentication schemes), but in
> >cases you need really fine-grained APIs
> It's actually fine for all cases, since it lets you do anything you
> want. For example, make the principal an argument to your custom
> Resource, save it as an attribute, and use it to make future access
> control decisions.
> >(where a decorator per each REST method may be the only option), so it
> >would be good for every request to be linked with the Principal that
> >represents the user making the request.
> >Thanks for any suggestions
> Twisted-web mailing list
> Twisted-web at twistedmatrix.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Twisted-web