[Zope] Access Rule
24 Jun 2003 10:00:51 -0700
This should answer most of your questions:
On Tue, 2003-06-24 at 09:14, Andrew R. Halko wrote:
> Out of plain curiosity, how does it relate a "session" with a
> user/browser. Keeping track of IP address in Zope and relating them?
> Andrew R. Halko
> -----Original Message-----
> From: Dylan Reinhardt [mailto:firstname.lastname@example.org]
> Sent: Tuesday, June 24, 2003 12:33 PM
> To: Andrew R. Halko
> Cc: email@example.com
> Subject: Re: [Zope] Access Rule
> On Tue, 2003-06-24 at 07:20, Andrew R. Halko wrote:
> > I created an access rule in Plone, not the root and I need to find if
> > user is logged in. I was told that can't be done,
> Not without some work, anyway. :-)
> > but doesn't there
> > have to be a something transferred between pages to tell if someone is
> > logged in.
> Zope doesn't have the same notion of "logged in" and "sessions" that
> other systems do. Once you've authenticated, your authentication will
> persist so long as you keep that browser open. You remain "logged in"
> even between server restarts. I've maintained sessions like this for
> weeks at a time; in theory you could stay logged in forever.
> Knowing this, your question can be re-framed as "how can I check which
> users have authenticated and/or used the system in the last X minutes?"
> You'll want to create some method that records a timestamp related to a
> userid. Call this method whenever a "session-maintaining" event (i.e.,
> a login or request) takes place. One way to do this would be to call
> your "session" method in a header/footer method.
> Then create another method that can extract this information such that
> you can determine which users have accessed the system recently and/or
> check a specific user's currency.
> There are any number of ways you can implement this... properties, an
> RDBMS, a custom product... but that's the general approach I'd take.