[Grok-dev] megrok.login

Danilo G B danilogbotelho at yahoo.com
Tue May 24 19:34:14 EDT 2011 

On Mon, 23 May 2011 12:34:32 -0700 Mats <mats at ronin-group.org> wrote:



I'm trying to authenticate using megrok.login but it doesn't
authenticate my user.  It does authenticate using the session login
form against my admin username and password from the grok install.

I created a register form as so:

class Register(base.PageForm):
    grok.context(interface.Interface)

    fields = base.Fields(IRegister)
    ignoreContext = True

    @base.button.buttonAndHandler(u'Register')
    def handle_registration(self, action):
        data, errors = self.extractData()
        if errors:
            self.status = self.formErrorsMessage
            return
        username = data['username']
        password = data['password']

        auth = component.getUtility(IAuthentication)
        pf = auth['principals']
        pf[username] = InternalPrincipal(username, password, username)
        pm = IPrincipalPermissionManager(grok.getSite())
        pm.grantPermissionToPrincipal('iport.Registered', username)
        self.redirect('index')

My login form looks like this:

class Login(Page):
    def update(self, camefrom=None, SUBMIT=None):
        self.camefrom = camefrom
        if SUBMIT is not None and camefrom is not None:
            self.redirect(camefrom)
        return

The registration does seem to work correctly as it adds the principal
to site._sm['megrok_login_pau']['principals'] but authentication gives
me nothing but displaying the login form again and user staying as
'zope.anybody'.

What am I doing wrong?


Thanks,

Mats

The magic of the megrok.login authentication is performed by the code in 
loginform.py ( check the LoginForm class' __call__ method).
In my code I dropped the self.index() in the last line and used a 
grok.View.__call__(self) instead (you should use Page.__call__).

class Login(grok.View):
    
    grok.context(Interface)
    grok.require('zope.Public')
    
    def __call__(self):
        request = self.request
        principal = request.principal

        unauthenticated = IUnauthenticatedPrincipal.providedBy(principal)
        self.unauthenticated = unauthenticated
        
        camefrom = request.get('camefrom')
        if isinstance(camefrom, list):
            # this can happen on python2.6, as it changed the
            # behaviour of cgi.FieldStorage a bit.
            camefrom = camefrom[0]
        self.camefrom = camefrom
        
        if (not unauthenticated) and ('SUBMIT' in request):
            # authenticated by submitting
            request.response.redirect(camefrom or '.')
            return ''
        
        return grok.View.__call__(self)
        
    def update(self, camefrom=None, SUBMIT=None):
        self.camefrom = camefrom
        if SUBMIT is not None and camefrom is not None:
            # The credentials were entered. Go back. If the entered
            # credentials are not valid, another redirect will happen
            # to this view.
            self.redirect(camefrom)
        self.baseurl = self.url(self.context)
        return
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/grok-dev/attachments/20110524/0f2a2c45/attachment.html

More information about the Grok-dev mailing list