[python] cherrypy + autorizace

Vladislav Ludík vlada na ludik.cz
Pátek Duben 20 14:28:16 CEST 2007 

Skvělé, už jsem to rozběhal. Díky za pomoc.

VL
------------- další část ---------------
#!/usr/bin/python2.4

import cherrypy

class Login:
    def check(cls, fn):
        def _check(self, *args, **kwargs):
            if cherrypy.session.has_key('userid'):
                # User is logged in; allow access
		return fn(self, *args, **kwargs)
	    else:
                # User isn't logged in yet.
                # See if the user just tried to log in
		try:
                    submit = kwargs['login']
                    email = kwargs['loginEmail']
                    password = kwargs['loginPassword']
                except KeyError:
                    # No, this wasn't a login attempt.  Send the user to
                    # the login "page".
                    return self.loginPage(cherrypy.url())

		# Now look up the user id by the email and password
		userid = self.getUserId(email, password)
		if userid is None:
                    # Bad login attempt
                    return self.loginPage(cherrypy.url(), 'Invalid email address or password.')
                # User is now logged in, so retain the userid and show the content
                cherrypy.session['userid'] = userid
                return fn(self, *args, **kwargs)
	return _check
    check = classmethod(check)

    def getUserId(self, email, password):
        '''Simple function to look up a user id from email and password.
        Naturally, this would be stored in a database rather than
        hardcoded, and the password would be stored in a hashed format
        rather than in cleartext.

        Returns the userid on success, or None on failure.
        '''

        accounts = {('vlada na ludik.cz', 'foo'): 'vlada'}

        return accounts.get((email,password), None)

    def loginPage(self, targetPage, message=None):
        '''Return a login "pagelet" that replaces the regular content if
        the user is not logged in.'''
        result = []
        result.append('<h1>Sitename Login</h1>')
        if message is not None:
            result.append('<p>%s</p>' % message)
        result.append('<form action=%s method=post>' % targetPage)
        result.append('<p>Email Address: <input type=text name="loginEmail"></p>')
        result.append('<p>Password: <input type=password name="loginPassword"></p>')
        result.append('<p><input type="submit" name="login" value="Log In"></p>')
        result.append('</form>')
        return '\n'.join(result)

    def logOut(self):
        '''Log Out.'''
        del cherrypy.session['userid']
        return 'You are no more logged in' + self.index()
    logOut.exposed = True

class Page(Login):

	def index(self):
		return '''<h1>SiteName</h1>
		<h2>Home Page</h2>
		<p><a href="public">Public Page</a></p>
		<p><a href="private">Private Page</a> <i>(registered users only)</i></p>
		'''
	index.exposed = True

	def public(self):
		return '''<h1>SiteName</h1>
		<h2>Public Page</h2>
		<p><a href="/">Go back home</a></p>'''
	public.exposed = True
	
	def private(self, *args, **kwargs):
		return '''<h1>SiteName</h1>
		<h2>Private Page</h2>
		<p><a href="logOut">Log Out</a></p>
		<p><a href="/">Go back home</a></p>'''
	private = Login.check(private)
	private.exposed = True

root = Page()
cherrypy.tree.mount(root, '/')


if __name__ == "__main__":
    
        import os.path
        cherrypy.config.update(os.path.join(os.path.dirname(__file__), 'check-1.conf'))
	cherrypy.server.quickstart()
        cherrypy.engine.start()
------------- další část ---------------
Netextová příloha byla odstraněna...
Jméno: check-1.conf
Typ: application/octet-stream
Velikost: 229 bytes
Popis: [žádný popis není k dispozici]
Url : http://www.py.cz/pipermail/python/attachments/20070420/8802ecd5/attachment.obj

Další informace o konferenci Python