[Zope-dev] login method problem

Aseem Mohanty aseem@neurobehavioralsystems.com
Tue, 04 Jun 2002 03:58:28 -0700 

Hi All,

I wrote a simple UserFolder application that did not use any cookies or 
the session management stuff. The UserSource was a MySQL db. ( Tried 
mysqlUserFolder but it was too restrictive interms of database structure 
for my purposes ). I then used ZSession to handle session and cookie 
management and it works great.

When I have a Authenticated-View only folder the browser pops up a box 
and I need to login. It authenticated from the db and I go on my merry 
way. What I am trying to do is to is to have a logon form that allows 
the user to logon, verifies the user and redirects it to a members page.

However it doesnt seem to do that. The login and the logout functions 
are given below. 'validate' is the method that is called everytime Zope 
decides on the roles and whther the role by the user has access to the 
resource.

user_login__roles__ = None
    def user_login (Self, REQUEST, RESPONSE, username, password,
            create_global = 1, login_goto_path = "../../members/"):
        # Create authorization variable
        ac = encodestring('%s:%s' % (username, password))
        auth = 'Basic %s' % ac

        Self.validate(REQUEST, auth)
        return RESPONSE.redirect (login_goto_path)


    user_logout__roles__ = ['MySQLUserRole']
    def user_logout (Self, REQUEST,RESPONSE):
        """ Terminates user session """
        user = Self.check_valid_mysql_user (REQUEST)
        Self.__terminate_session(REQUEST)
        realm=RESPONSE.realm
        RESPONSE.expireCookie('__ac',path='/')
        RESPONSE.expireCookie('_ZSession',path='/')
        RESPONSE.setStatus(401)
        RESPONSE.setHeader('WWW-Authenticate', 'basic realm="%s"' % 
realm, 1)
        RESPONSE.setBody("""<html>
            <meta http-equiv="refresh"
            content="0; URL=http://kandinsky:8080/test_folder/logged_out">
            <head><title>Logout</title></head>
            <body>
            <p>
            You have been logged out.
            </p>
            </body>
            </html>""")
       
        return


The problem is that even when I login and 'validate' accepts the 
credentials, the browser still pops up a box. What am I doing wrong?? .

The logout works fine but there is a minor problem in that too which I 
had posted earlier.

TIA.

Aseem

-- 
==================================================================
 Aseem Mohanty							   
 Neurobehavioral Systems Inc, 828 San Pablo Ave, Albany, CA 94706 
 (R) 510 7696011 (M) 510 3014871 (O) 510 5279231		  	
==================================================================								  	
 "I saw `cout' being shifted "Hello world" times to the left and  
  stopped right there!!"                        -- Steve Gonedes  
==================================================================