[mod_python] Good example site with py, psp, and structure

Eric Brunson brunson at brunson.com
Wed Sep 20 13:29:56 EDT 2006

I should have proofread this *before* I sent it.

Eric Brunson wrote:
> durumdara wrote:
>> Hi !
> Hi,
>> I want to understand the modpy technics, to I create good structure 
>> for my new modpy site. An example needed.
> I'm by no means an expert, but I think I can address a couple of your 
> questions, I'm sure someone will correct me if I steer you wrong.
>> I used PHP, Zope, CGI before this project.
> I've used PHP and CGI, but never Zope, so I won't be able to make any 
> comparisons to Zope.
>> If I understand it good, I can specify one handler script for one 
>> directory.
>> Anywhere, where I specify a handler, the handler script working for 
>> all .py (both for existing and not existing).
> Not precisely (and someone please help out if I express this 
> incorrectly).  You can add a handler for dealing with .py files in 
> which case .py files will be handled by that handler, or you can set a 
> handler for URLs, which will perform a sort of module resolution 
> algorithm on the URL.

This statement applies to the mod_python.publisher handler.  A handler 
that you write doesn't have to do any module resolution, you can parse 
and handle the URL however you see fit.

> In the first case, which I'm least familiar with, if you associate a 
> handler with a .py file, referencing a file that doesn't exist will 
> give you a 404 error.
> In the second case apache passes the URL to a python handler, like the 
> supplied publisher handler, which is advertised to be modeled after 
> Zope's publisher, but I don't know anything about that.  Say I have a 
> directory called ip_management (which I do) and you access that 
> directory via the URL "http://yourserver/ip_management", and in there 
> you have a .htaccess file containing:
> SetHandler python-program
> PythonHandler mod_python.publisher
> You have set the handler for that directory to be the 
> mod_python.publisher handler, even if a file "example.html" exists in 
> that directory, apache will not server the contents of that file when 
> the URL "http://yourserver/ip_management/example.html" is requested.  
> It passes the URL to the specified handler and that python code 
> decides what to do with it.  If your python code decides to look for a 
> file with that name and serve the contents, then great, but it doesn't 
> have to.
> The mod_python.publisher will break the URL up and try to find a 
> python module that will satisfy its own rules.  In a simple sense, it 
> takes the part of the URL after the directory specification and tries 
> to find a module that contains a function of the same name.  So 
> "http://yourserver/ip_management/something/otherthing" will result in 
> the publisher looking for a module called "something" with a function 
> called "otherthing" inside it, then will execute the function 
> "otherthing".  If at any point it doesn't find a file or directory 
> with the module name it will look through a file called "index.py" for 
> the function name.  If it finds a module that matches the fill path, 
> i.e. "something.otherthing" then it will try to execute a function 
> called "index".
> You can write your own handler that will simply be passed the apache 
> request object and you can do whatever  your heart desires with it.
>> So if I need a centralized web application, I need to import a shared 
>> module that helps me to start and finish to handle the process 
>> (example:  pre - collect the important informations, make global 
>> variables, open the db connections, open the session datas; post - 
>> save the session if need, close the db connection, drop the content 
>> if we have redirection, etc.). I thinking good ?
> Sure, you can do whatever your heart desires in your handler.
>> 1.)
>> But I need to protect some area in the htdocs (restricted area). How 
>> to I force it ? (auth module ?). I need to define to every dir I used 
>> (httpd.conf) ?
> There's an example of writing an auth handler in the documentation.  
> The publisher handler makes it super simple, simply defining a 
> __auth__ object in the module, either a list, dict or function, you 
> can authenticate a user using Basic HTTP Auth mechanism.  You can also 
> define an __auth__ method within your method.  There is also a 
> separate __access__ object that can restrict authenticated users do 
> certain functions.
> I personally let Apache do the authorization, then use __access__ to 
> restrict access.  Your milage may vary.
>> 2.)
>> In Zope the header/footer objects used for handle the pre/post 
>> actions, and the zpts/scripts used for make the content of the page.
>> Is better to I use psp-s that call pre/post scripts, or is better if 
>> I use py scripts, and they are get psp-s I need ?
> I'm not qualified to judge your architecture.  I don't use PSP, I 
> found it a bit cumbersome, I do all my processing in the handler, 
> build my own sort of "mini DOM" objects that can render themselves.  
> Your way should work, whether there's a better design is a matter of 
> taste.
>> 3.)
>> How to avoid to user type any .py to browser's address textbox, and 
>> get same result that handler present ?
>> Example: I use main.py for handle requests. The address is: 
>> www.foo.hu/main.py.
>> The user can type www.foo.hu/sux.py, and get same result !
> It's up to the handler.  Using Apache's "AddHandler somehandler .py" 
> to add a handler for python scripts will not serve a non-existent 
> file, you will get a 404.  The publisher handler will not server 
> content to a URL you have not defined in your code, you will get a 
> 404.  If you write your own handler you can do whatever your heart 
> desires.
>> 4.)
>> How to prevent the .py extension showing in the browser ?
>> To I see (can type):
>> www.foo.hu/
>> or
>> www.foo.hu/index
>> not
>> www.foo.hu/index.py.
>> I want to protect my site - if anyone see it, he/she don't know, what 
>> engine I used.
> Please see the answer to #3.
>> Thanks for your answers:
>> dd
> I'm still learning the intricacies of mod_python myself, but 
> everything I've told you is very well documented.  Try reading through 
> the docs, I had to go through them a few times before the puzzle 
> pieces started falling into place.  It helps to have a passing 
> understanding of the Apache API and the Apache request objects.
> Hope that helped,
> e.
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org
> http://mailman.modpython.org/mailman/listinfo/mod_python

More information about the Mod_python mailing list