[Checkins] SVN: Sandbox/ulif/megrok.login/ Add license.
Uli Fouquet
uli at gnufix.de
Fri Dec 26 10:58:29 EST 2008
Log message for revision 94351:
Add license.
Changed:
A Sandbox/ulif/megrok.login/LICENSE.txt
U Sandbox/ulif/megrok.login/src/megrok/login/README.txt
-=-
Added: Sandbox/ulif/megrok.login/LICENSE.txt
===================================================================
--- Sandbox/ulif/megrok.login/LICENSE.txt (rev 0)
+++ Sandbox/ulif/megrok.login/LICENSE.txt 2008-12-26 15:58:29 UTC (rev 94351)
@@ -0,0 +1,54 @@
+Zope Public License (ZPL) Version 2.1
+-------------------------------------
+
+A copyright notice accompanies this license document that
+identifies the copyright holders.
+
+This license has been certified as open source. It has also
+been designated as GPL compatible by the Free Software
+Foundation (FSF).
+
+Redistribution and use in source and binary forms, with or
+without modification, are permitted provided that the
+following conditions are met:
+
+1. Redistributions in source code must retain the
+ accompanying copyright notice, this list of conditions,
+ and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the accompanying
+ copyright notice, this list of conditions, and the
+ following disclaimer in the documentation and/or other
+ materials provided with the distribution.
+
+3. Names of the copyright holders must not be used to
+ endorse or promote products derived from this software
+ without prior written permission from the copyright
+ holders.
+
+4. The right to distribute this software or to use it for
+ any purpose does not give you the right to use
+ Servicemarks (sm) or Trademarks (tm) of the copyright
+ holders. Use of them is covered by separate agreement
+ with the copyright holders.
+
+5. If any files are modified, you must cause the modified
+ files to carry prominent notices stating that you changed
+ the files and the date of any change.
+
+Disclaimer
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS''
+ AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT
+ NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
+ NO EVENT SHALL THE COPYRIGHT HOLDERS BE
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ DAMAGE.
Modified: Sandbox/ulif/megrok.login/src/megrok/login/README.txt
===================================================================
--- Sandbox/ulif/megrok.login/src/megrok/login/README.txt 2008-12-26 15:58:03 UTC (rev 94350)
+++ Sandbox/ulif/megrok.login/src/megrok/login/README.txt 2008-12-26 15:58:29 UTC (rev 94351)
@@ -4,8 +4,6 @@
Setting up login pages for your webapp made easy.
-:Test-Layer: functional
-
With `megrok.login` you can setup simple session based login pages
for your ``grok.Application`` and other ``grok.Site`` instances. This
is different to out-of-the-box behaviour, where authentication happens
@@ -41,15 +39,6 @@
* More advanced stuff:
- - ``customprincipals.py``:
-
- How to setup session based authentication with your own
- implementation of principals (users).
-
- - ``customsession.py``:
-
- How to setup session based authentication with your own
-
- ``custompausetup.py``:
How to setup session based authentication with your own setup of
@@ -66,16 +55,67 @@
-------------------------
Enables session based authentication. This marker directive *must* be
-used in order to use ``megrok.login`` functionality.
+used in order to use ``megrok.login`` functionality. It can be set on
+any `grok.Site` class::
+ import grok
+ class MyApp(grok.Application, grok.Container):
+ megrok.login.enable()
+If no other ``megrok.login`` directive is used, it enables session
+based authentication (login screens instead of basic-auth).
+
``megrok.login.viewname(<viewname>)``
------------------------------------
+-------------------------------------
Registers the view with the name ``<viewname>`` as login page. This
way you can specify your own login page. You must also use
-``megrok.login.enable()`` to make this work.
+``megrok.login.enable()`` to make this work::
+ import grok
+
+ class MyApp(grok.Application, grok.Container):
+ megrok.login.enable()
+ megrok.login.viewname('login')
+
+ class Login(grok.View):
+ def render(self):
+
+ def update(self, camefrom=None, SUBMIT=None):
+ self.camefrom=camefrom
+ if SUBMIT is not None and camefrom is not None:
+ # The credentials were entered. Go back. If the entered
+ # credentials are not valid, another redirect will happen
+ # to this view.
+ self.redirect(camefrom)
+ return
+
+whereas the template for the login view might look like this::
+
+ <html>
+ <head>
+ <title>Login</title>
+ </head>
+ <body>
+ <h1>Custom Login Page</h1>
+ <form method="post">
+ <div>
+ <label for="login">Username</label>
+ <input type="text" name="login" id="login" />
+ </div>
+ <div>
+ <label for="password">Password</label>
+ <input type="password" name="password" id="password" />
+ </div>
+ <div>
+ <input type="hidden" name="camefrom"
+ tal:attributes="value view/camefrom" />
+ <input type="submit" name="SUBMIT" value="Log in" />
+ </div>
+ </form>
+ </body>
+ </html>
+
See ``tests/customlogin.py`` for details.
``megrok.login.strict()``
@@ -94,6 +134,13 @@
users like the manager user defined in your site.zcml won't be
accepted by your login page.
+Example::
+
+ import grok
+ class MyApp(grok.Application, grok.Container):
+ megrok.login.enable()
+ megrok.login.strict()
+
See ``tests/strict.py`` for details.
@@ -104,6 +151,16 @@
automatically any user that still does not exist on login and add it
to the ``PrincipalFolder``.
+Example::
+
+ class ManageApp(grok.Permission):
+ grok.name('app.ManageAutoRegister')
+
+ class AutoRegisterApp(grok.Application, grok.Container):
+ megrok.login.enable()
+ # We grant this permission to autoregistered users.
+ megrok.login.autoregister('app.ManageAutoRegister')
+
See ``tests/autoregister.py`` for details.
@@ -119,73 +176,3 @@
See ``tests/custompausetup.py`` for details.
-Setting up session-based authentication
-=======================================
-
-In the most basic form you can declare an application to use login
-pages instead of basic-auth like this::
-
- >>> import grok
- >>> import megrok.login
- >>> class App(grok.Application, grok.Container):
- ... megrok.login.enable()
-
-Now let's define a view and protect it with a permission::
-
- >>> class ManageApp(grok.Permission):
- ... grok.name('app.ManageApp')
-
- >>> class Index(grok.View):
- ... grok.context(App)
- ... grok.require('app.ManageApp')
- ...
- ... def render(self):
- ... return "Hello from App!"
- ...
-
-Before we can make use of ``megrok.login`` we have to grok it. This
-normally happens via ZCML, but here we do it manually::
-
- >>> import grok.testing
- >>> grok.testing.grok('megrok.login')
-
-Furthermore we have to grok our app components. This normally also
-happens at startup::
-
- >>> from grok.testing import grok_component
- >>> grok_component('ManageApp', ManageApp)
- True
-
- >>> grok_component('App', App)
- True
-
- >>> grok_component('Index', Index)
- True
-
-The authentication mechanism needs a site to be plugged in. A Grok
-application becomes a site as soon as it is stored in the ZODB. We
-do that::
-
- >>> root = getRootFolder()
- >>> root['app'] = App()
-
-We try to watch the `index` page with a browser. Normally we would get
-an error page, as we did not authenticate against the system
-before. But this time we are asked to login::
-
- >>> from zope.testbrowser.testing import Browser
- >>> browser = Browser()
- >>> browser.open('http://localhost/app')
- >>> browser.headers['status']
- '200 Ok'
-
- >>> print browser.contents
- <!DOCTYPE html ...
- Please provide Login Information...
- <input type="text" name="login" id="login" />
- ...
-
-What we can see here, is the standard login page provided by
-``zope.app.authentication``. It is named `loginForm.html` and the
-default, if you do not specify a different viewname as login page.
-
More information about the Checkins
mailing list