[Twisted-web] Re: /__logout__ doesn't expire the session

Alex Levy mesozoic at polynode.com
Fri Jan 14 09:26:30 MST 2005

Andrew Bennetts wrote:
> On Thu, Jan 13, 2005 at 04:12:22PM -0500, Alex Levy wrote:
>>Maybe this could be in an example somewhere, because I (for one) can't 
>>figure out how to do it. How do you access the session from the logout 
>>function? It isn't called with any parameters, and from what I can tell 
>>about IRealm implementors, the requestAvatar method -- whence the logout 
>>function is returned -- doesn't have access to the session either.
> I'm no cred expert, but isn't this is what the mind is for?

Yes, you're right; good call. I'd forgotten about that part.

So, I've attached an example that should allow you to define code that 
runs on logout, and also has full access to the session. I've tested it 
(briefly), so if anyone has any better ideas, they are more than welcome 
to share.

Andrea, this should address your needs. Does anyone else think we should 
make this (or, better yet, a cleaned-up version of it) part of the Nevow 

Alex Levy
WWW: http://mesozoic.geecs.org

"Never let your sense of morals prevent you from doing what is right."
  -- Salvor Hardin, Isaac Asimov's _Foundation_
-------------- next part --------------
from twisted.application import strports
from twisted.application.service import Application
from twisted.cred.checkers import AllowAnonymousAccess
from twisted.cred.portal import Portal, IRealm
from twisted.cred.credentials import IAnonymous

from nevow import appserver
from nevow import guard
from nevow.inevow import IResource

class Mind:
	def __init__(self, request, credentials):
		self.request = request
		self.credentials = credentials

class MyRealm:
	__implements__ = IRealm,
	def requestAvatar(self, avatar_id, mind, *interfaces):
		if IResource in interfaces:
			return (
				None, # This should be whatever resource you use
				self.createLogout(avatar_id, mind)
		raise NotImplementedError
	def createLogout(self, avatar_id, mind):
		def logout():
			# This will be a nevow.guard.GuardSession instance
			session = mind.request.getSession()
			print 'Logging out for', session
		return logout

application = Application('MySite')
portal = Portal(MyRealm())
portal.registerChecker(AllowAnonymousAccess(), IAnonymous)
guarded = guard.SessionWrapper(portal, mindFactory=Mind)
site = appserver.NevowSite(resource=guarded)
svc = strports.service('tcp:8080', site)

More information about the Twisted-web mailing list