[mod_python] Login and redirection

Oliver Mellet oliver at mellet.net
Sun Feb 15 11:55:34 EST 2004


In case anyone's curious, here's how I solved it (the example here is 
for logging in to a Sasl2 db).  Note that I no longer need to use 
internal_redirect; util.redirect works fine:

from mod_python import Session, util
import Sasl2

def login(req, username, password, redir):
    err = ""
    name = ""
    logged_in = False
    try:
       user = Sasl2.getuser(username)
       if user != None:
          if user['password'] == password:
             logged_in = True
             name = user["username"]
          else:
             err = "Invalid Password"
       else:
          err = "Invalid Username"
    except Exception, e:
       err = "Unexpected Error: %s" % e
       req.log_error(str(e))
    sess = Session.Session(req,secret="<yourpass>")
    sess["error_str"] = err
    sess["logged_in"] = logged_in
    sess["user"] = name
    sess.save()
    util.redirect(req, redir)


On Feb 8, 2004, at 9:47 PM, Oliver Mellet wrote:

> I've got a situation where I need to protect pages, and I'm doing
> it using cookies and sessions. If the user requests a
> protected page and he or she hasn't logged in, I redirect them
> to a psp login page, which then POSTs to a publisher handler script.
> That script then does req.internal_redirect to the originating url, or
> back to the login page if the login didn't take.
> The problem I'm having is twofold:
> 1.  If the login succeeds, then the internal redirect shows up in the
> location bar as the publisher script url, rather than the proper url
> of the protected document.  It's ugly, but I can live with it if I 
> have to.
>
> 2.  If the login fails, the internal redirect back to the login page 
> never
> happens; it seems like there's some sort of deadlock going from :
> 	login.psp redirect->POST login.py->internal_redirect login.psp
>
> Having said all that, there's probably a better way to skin this 
> particular
> cat. If anyone has any suggestions, I'd be much obliged.
>
> Thanks
> Oliver
>
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org
> http://mailman.modpython.org/mailman/listinfo/mod_python



More information about the Mod_python mailing list