| J1m | mcdonc, ayt? | 00:19 |
|---|---|---|
| mcdonc | hi J1m | 00:19 |
| J1m | hey | 00:19 |
| J1m | I'm trying to figure out repoze.who. :) | 00:19 |
| mcdonc | J1m: darn. ;-) | 00:19 |
| mcdonc | we're working on improvements to it this week... wish you had found it later ;-) | 00:20 |
| J1m | Does the FormPlugin plugin have any provision for logging out? | 00:20 |
| J1m | Other than the app expring the cookie? | 00:21 |
| J1m | expiring | 00:21 |
| mcdonc | it does... if the application returns a 401 Unauthorized, the credentials will be "forgotten" and the login form will be rediplspayed | 00:21 |
| *** dunny has quit IRC | 00:21 | |
| J1m | hm, not what I had in mind. :) | 00:21 |
| J1m | Any way that doesn't act like basic auth? | 00:21 |
| *** redir has quit IRC | 00:21 | |
| mcdonc | if you want to do that programmatically, you can use "headers = environ['repoze.who.plugins'][thepluginname].forget()" and return a response with those headers | 00:22 |
| mcdonc | errr... i think forget actually takes some args | 00:22 |
| mcdonc | this is the bit we're working on improving btw ;-) | 00:22 |
| J1m | :) | 00:22 |
| *** redir has joined #zope3-dev | 00:23 | |
| J1m | I've come to dislike having 401's cause a challenge. | 00:23 |
| mcdonc | the next release will probably not require any "challenger" if you don't need on (and instead of returning a 401, you'd just actually return a login page) | 00:23 |
| mcdonc | (or a forbidden) | 00:23 |
| mcdonc | yeah me too i think... tres still likes it tho | 00:23 |
| J1m | 401 seems apropriate when someone isn't authorized. | 00:23 |
| mcdonc | right | 00:23 |
| J1m | There should be some other way to initiate a login. | 00:24 |
| J1m | even basic auth requires an extra header to get a challenge. | 00:24 |
| *** JaRoel|4D has joined #zope3-dev | 00:24 | |
| mcdonc | so i *think* how i'd like it to work is that initiating a login ("challenge") was not done by repoze.who, but instead by the app just returning some response | 00:25 |
| mcdonc | particularly for non-single-signon systems | 00:25 |
| mcdonc | i think that's somewhat distinct from logging them out, tho | 00:26 |
| mcdonc | logging them out needs headers of some kind usually, either set by the app or set by who itself as a result of catching some response (like 401) | 00:27 |
| mcdonc | currently programmatic logout either requires obtaining those headers (badly) via the environ-supplied repoze.who.plugins dict or by redisplaying the login form by returning a 401 | 00:28 |
| mcdonc | the "challenge decider" lets you vary how you decide whether to show a challenge for a response, btw | 00:29 |
| mcdonc | /over | 00:29 |
| J1m | Leaving aside the desire of an app to control how a login form looks, I'd like a simple API for an app to cause a login or logout. | 00:29 |
| J1m | I really like the google app engine api: | 00:29 |
| J1m | http://code.google.com/appengine/docs/python/users/functions.html | 00:29 |
| J1m | especially the get_login_url and get_logout_url. | 00:30 |
| mcdonc | yeah thats not bad | 00:30 |
| mcdonc | who wants to support more than login-form based systems but the fact that it does is pretty useless much of the time | 00:31 |
| J1m | How so? | 00:31 |
| J1m | Not sure I understad what you just said. | 00:31 |
| mcdonc | well, the 99% case is someone wants to display a login form either at initial visit or in response to someone visiting a resource that the user doesnt have authorization to see | 00:32 |
| mcdonc | right now the "API" for the last case is to return a 401 | 00:32 |
| J1m | Actually, that's my 1% use case. :) | 00:32 |
| mcdonc | whats your 99 | 00:33 |
| J1m | Many sites I care about are public, but the user can log in to do special things. | 00:33 |
| J1m | and log out when their done. | 00:33 |
| J1m | (1% was a slight exageration). | 00:34 |
| mcdonc | yep... do you want to show a login form when they visit a url that they can't access without credentials? (either via a redirect or directly?) | 00:34 |
| J1m | no | 00:34 |
| mcdonc | what happens in that case? | 00:34 |
| J1m | I want to tell them they can't do it and offer them a login link. | 00:34 |
| J1m | although, a login box will often be better at that point. | 00:35 |
| mcdonc | ok... so... one way to do this with who would be to create a challenge decider that always returns false | 00:35 |
| mcdonc | then when the app wants to signify that a user should log in, redirect them to that page | 00:35 |
| mcdonc | or just return it | 00:35 |
| J1m | what page, a login page? | 00:36 |
| mcdonc | "ell them they can't do it and offer them a login link." | 00:36 |
| mcdonc | that page | 00:36 |
| J1m | Not sure I understand. | 00:37 |
| J1m | I guess if they can't do something, I'd either offer them a link to the login page, or redirect them to the login page. | 00:38 |
| J1m | So, really, I want login and logout page. | 00:38 |
| mcdonc | well forgetting about who for a sec, when they visit some resource they cant get to, have zope return a response that either has the login link or return the login page itself | 00:38 |
| J1m | I want to pass a URL to the pages so when they're done, they can redirect back. | 00:38 |
| J1m | right | 00:38 |
| J1m | exactly | 00:39 |
| mcdonc | then if who is in the mix, the login page (forgetting about basic auth for a sec) could post to the login handler | 00:39 |
| mcdonc | (each form plugin has a login handler) | 00:40 |
| mcdonc | well, at least the redirecting one | 00:40 |
| mcdonc | but it might be easier to just disuse who and post to a view in the app | 00:40 |
| J1m | btw, I'm really tired of pluggable auth systems. They're soooo complicated. I thought you were "I hate frameworks" man. :) | 00:41 |
| mcdonc | me and tres just had a yelling match yesterday about it ;-) | 00:41 |
| mcdonc | i said "its too complicated!" | 00:41 |
| mcdonc | it is | 00:41 |
| J1m | +1!!! | 00:41 |
| mcdonc | i'm going to try to turn it into a library, and if that doesn't work, just ditch it | 00:42 |
| J1m | But at least it works, if I can figure it out. :) | 00:42 |
| mcdonc | yeah. sorta, at least. | 00:42 |
| J1m | I got basic and form working (sans logout for the later) | 00:42 |
| mcdonc | well thats good at least | 00:43 |
| J1m | I looked at other wsgi auth handlers and kept coming back to who. :) | 00:44 |
| mcdonc | in the land of the blind.... | 00:44 |
| J1m | heh | 00:44 |
| J1m | Well, thanks for the info. Good luck with the redesign. | 00:46 |
| mcdonc | thanks | 00:46 |
| *** J1m has quit IRC | 00:57 | |
| *** junkafarian has quit IRC | 01:04 | |
| *** greenman has joined #zope3-dev | 01:15 | |
| *** romanofski has joined #zope3-dev | 01:16 | |
| *** greenman has quit IRC | 01:22 | |
| *** romanofski has quit IRC | 01:39 | |
| *** hathawsh is now known as hath|away | 01:50 | |
| *** JaRoel|4D has quit IRC | 02:05 | |
| *** davisagli has joined #zope3-dev | 02:16 | |
| *** greenman has joined #zope3-dev | 02:25 | |
| *** davisagli has left #zope3-dev | 02:30 | |
| *** harobed has joined #zope3-dev | 02:33 | |
| *** harobed has quit IRC | 02:41 | |
| *** flox1 has quit IRC | 03:11 | |
| *** Theuni1 has quit IRC | 03:27 | |
| *** pelle_ has joined #zope3-dev | 03:28 | |
| *** pelle__ has quit IRC | 03:32 | |
| *** hath|away is now known as hathawsh | 03:38 | |
| *** greenman_ has joined #zope3-dev | 03:40 | |
| *** greenman has quit IRC | 03:50 | |
| *** hathawsh is now known as hath|away | 04:05 | |
| *** yota has quit IRC | 04:33 | |
| *** hath|away is now known as hathawsh | 05:01 | |
| *** J1m has joined #zope3-dev | 05:08 | |
| *** dbfrombrc is now known as dbfrombrc|away | 05:18 | |
| *** aaronv has quit IRC | 05:24 | |
| *** hathawsh is now known as hath|away | 05:33 | |
| *** jfkw has quit IRC | 05:45 | |
| *** dbfrombrc|away has quit IRC | 06:04 | |
| *** hath|away is now known as hathawsh | 06:08 | |
| *** J1m has quit IRC | 06:18 | |
| *** davisagli has joined #zope3-dev | 06:27 | |
| *** hathawsh is now known as hath|away | 06:28 | |
| *** afd___ has joined #zope3-dev | 06:31 | |
| *** hath|away is now known as hathawsh | 08:23 | |
| *** kaeru has quit IRC | 08:26 | |
| *** kursor has joined #zope3-dev | 08:39 | |
| *** kaeru has joined #zope3-dev | 08:47 | |
| *** hathawsh is now known as hath|away | 08:56 | |
| *** ignas has joined #zope3-dev | 09:11 | |
| *** hath|away is now known as hathawsh | 09:12 | |
| *** agroszer has joined #zope3-dev | 10:03 | |
| *** junkafarian has joined #zope3-dev | 10:18 | |
| *** jukart has joined #zope3-dev | 10:40 | |
| *** redir has quit IRC | 11:22 | |
| *** dunny has joined #zope3-dev | 11:36 | |
| *** flox has joined #zope3-dev | 11:37 | |
| *** ktwilight_ has joined #zope3-dev | 11:40 | |
| *** iham has joined #zope3-dev | 11:43 | |
| *** agroszer has quit IRC | 11:47 | |
| *** ktwilight has quit IRC | 11:54 | |
| *** iham has joined #zope3-dev | 11:55 | |
| *** iham has quit IRC | 12:00 | |
| *** jukart has quit IRC | 12:00 | |
| *** tarek has joined #zope3-dev | 12:04 | |
| *** quodt has joined #zope3-dev | 12:11 | |
| *** kursor has quit IRC | 12:14 | |
| *** iham has joined #zope3-dev | 12:21 | |
| *** afd___ has quit IRC | 12:21 | |
| *** iham has quit IRC | 12:23 | |
| *** quodt has quit IRC | 12:34 | |
| *** jukart has joined #zope3-dev | 12:35 | |
| *** jukart has quit IRC | 12:52 | |
| *** kursor has joined #zope3-dev | 13:00 | |
| *** iham has joined #zope3-dev | 13:05 | |
| *** J1m has joined #zope3-dev | 13:25 | |
| *** kursor has quit IRC | 13:30 | |
| *** iham has quit IRC | 13:33 | |
| *** harobed has joined #zope3-dev | 13:40 | |
| *** greenman_ has quit IRC | 13:48 | |
| *** hathawsh has quit IRC | 13:51 | |
| *** Jell-O-Fishi has joined #zope3-dev | 13:52 | |
| *** aaronv has joined #zope3-dev | 13:54 | |
| *** iham has joined #zope3-dev | 14:04 | |
| *** yota has joined #zope3-dev | 14:19 | |
| *** iham has quit IRC | 14:44 | |
| *** __mac__ has joined #zope3-dev | 15:19 | |
| *** afd_ has joined #zope3-dev | 15:26 | |
| *** harobed has quit IRC | 15:50 | |
| *** afd__ has joined #zope3-dev | 15:55 | |
| *** VladDrac has quit IRC | 16:02 | |
| *** afd_ has quit IRC | 16:11 | |
| *** markusleist1 has joined #zope3-dev | 16:43 | |
| *** markusleist has quit IRC | 16:52 | |
| *** J1m has quit IRC | 17:04 | |
| *** agroszer has joined #zope3-dev | 17:12 | |
| *** JaRoel|4D has joined #zope3-dev | 17:13 | |
| *** dunny has quit IRC | 17:17 | |
| *** J1m has joined #zope3-dev | 17:28 | |
| *** __mac__ has quit IRC | 17:37 | |
| *** Theuni1 has joined #zope3-dev | 17:39 | |
| *** __mac___ has joined #zope3-dev | 17:40 | |
| *** JaRoel|4D has quit IRC | 17:45 | |
| *** J1m has quit IRC | 18:05 | |
| *** __mac___ has quit IRC | 18:14 | |
| *** tarek has quit IRC | 18:39 | |
| *** jayaraj has joined #zope3-dev | 18:52 | |
| *** jayaraj has quit IRC | 18:55 | |
| *** Jell-O-Fishi has quit IRC | 19:05 | |
| *** Fubar^ has quit IRC | 19:05 | |
| *** Fubar^ has joined #zope3-dev | 19:16 | |
| *** redir has joined #zope3-dev | 19:16 | |
| *** Jell-O-Fishi has joined #zope3-dev | 19:21 | |
| *** jukart has joined #zope3-dev | 19:29 | |
| *** kursor has joined #zope3-dev | 19:44 | |
| *** JaRoel|4D has joined #zope3-dev | 19:45 | |
| *** redir is now known as redir_ | 19:45 | |
| *** Theuni2 has joined #zope3-dev | 19:45 | |
| *** redir_ is now known as redir | 19:45 | |
| *** Theuni2 has quit IRC | 19:47 | |
| *** Theuni2 has joined #zope3-dev | 19:47 | |
| *** Theuni1 has quit IRC | 19:50 | |
| *** tarek has joined #zope3-dev | 19:55 | |
| *** harobed has joined #zope3-dev | 20:05 | |
| *** tarek has quit IRC | 20:05 | |
| *** Theuni2 has quit IRC | 20:07 | |
| *** Theuni1 has joined #zope3-dev | 20:07 | |
| *** jukart has quit IRC | 20:09 | |
| *** tarek has joined #zope3-dev | 20:14 | |
| *** ccomb has quit IRC | 20:21 | |
| *** jpcw has joined #zope3-dev | 20:32 | |
| *** jukart has joined #zope3-dev | 20:32 | |
| *** JaRoel|4D has quit IRC | 20:34 | |
| *** aaronv has quit IRC | 20:37 | |
| *** Theuni1 has quit IRC | 21:04 | |
| *** agroszer has quit IRC | 21:06 | |
| *** iham has joined #zope3-dev | 21:09 | |
| *** jukart has quit IRC | 21:11 | |
| *** iham has quit IRC | 21:12 | |
| *** basti__ has joined #zope3-dev | 21:17 | |
| *** ccomb has joined #zope3-dev | 21:18 | |
| *** aaronv has joined #zope3-dev | 21:25 | |
| *** quodt has joined #zope3-dev | 21:38 | |
| *** basti__ has quit IRC | 21:44 | |
| *** jfkw has joined #zope3-dev | 21:48 | |
| *** tarek has quit IRC | 22:07 | |
| *** afd__ has quit IRC | 22:08 | |
| *** Theuni1 has joined #zope3-dev | 22:08 | |
| *** davisagli_ has joined #zope3-dev | 22:09 | |
| *** redir has quit IRC | 22:12 | |
| *** greenman has joined #zope3-dev | 22:17 | |
| *** davisagli has quit IRC | 22:26 | |
| *** kursor has quit IRC | 22:33 | |
| *** greenman has quit IRC | 22:39 | |
| *** agroszer has joined #zope3-dev | 22:49 | |
| *** J1m has joined #zope3-dev | 22:55 | |
| *** jpcw has quit IRC | 23:01 | |
| *** iham has joined #zope3-dev | 23:07 | |
| *** ccomb has quit IRC | 23:08 | |
| *** ccomb has joined #zope3-dev | 23:11 | |
| *** iham has quit IRC | 23:17 | |
| *** dunny has joined #zope3-dev | 23:19 | |
| *** pelle__ has joined #zope3-dev | 23:28 | |
| *** aaronv has quit IRC | 23:28 | |
| *** tarek has joined #zope3-dev | 23:36 | |
| *** redir has joined #zope3-dev | 23:37 | |
| *** pelle_ has quit IRC | 23:44 | |
| *** davisagli_ is now known as davisagli | 23:49 | |
| *** iham has joined #zope3-dev | 23:54 | |
| *** iham has quit IRC | 23:59 | |
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!