[Grok-dev] LoginDemo and PlainLoginDemo and BabyLoginDemo

Luciano Ramalho luciano at ramalho.org
Wed Jan 16 10:56:52 EST 2008 

Kevin,

I want to add to my previous response that your BabyLoginDemo has had
a tremendous impact in my thinking.

Clearly what is appealing about Zope 3 is that it gives developers a
lot of freedom in building Web apps. In a way, a key advantage of Zope
over other frameworks is the amaziningly powerful and flexible
architecture it provides. The component architecture itself is perhaps
more important than the actual components that are ready to use. (This
reminds me of the old joke comparing operating systems to airlines,
and the Unix airline expects passengers to bring airplane parts and
decide on the tarmac what kind of aircraft they are going to build for
the next flight. Zope 3 is very much like that.)

Grok adds value by making Zope 3 more agile through the use of
conventions, sensible defaults and automated registrations. Your
BabyLoginDemo is brilliant to demonstrate the Zope 3 way of doing
things, but with the agility of Grok.

My main point is that, to reach a wider developer base, Grok should
offer a ready to use authentication utility that does not require so
much code to setup. Like I said before, I consider it a problem if
something so simple as LoginDemo requires 15 lines of imports to begin
with. This means that too much of the API has to be understood by the
programmer even for such a simple case.

Thanks a lot for BabyLoginDemo, it has been really an education for me.

Cheers,

Luciano



On Jan 16, 2008 7:32 AM, Kevin Teague <kevin at bud.ca> wrote:
> Luciano, thanks for attempting to tackle the demonstration of
> authentication in Grok!
>
> This is something that is still very hard to understand, especially if
> you are still new to a lot of Zope 3 concepts. The PAU implementation
> in Zope 3 was one of the first things that I learned in Zope 3 and it
> was fairly brain-hurtingly perplexing as an introduction to Zope 3
> authentication. As others have suggested, having something like a
> megrok.defaultauth that configures a sensible PAU would be a practical
> package for making it easier to add authentication to a Grok app, but
> I don't think it would make a very good demo application, as
> understanding how it works would require digging into the PAU
> interfaces and implementation.
>
> I've started working on another version of your LoginDemo called
> BabyLoginDemo tonight:
>
> http://svn.zope.org/Sandbox/kteague/BabyLoginDemo/
>
> The key to making an easy to learn authentication app I believe is
> that when you registar a local utility that provides IAuthentication,
> you only need to implement the IAuthentication interface. Also while
> you get a significant amount of complexity from PAU, since your login
> app does things like provide a count and sorted list of members based
> on specific configuration details for a PAU, this code wouldn't allow
> you to get any of the benefits of this complexity. i.e. when you do:
>
>      def members(self):
>          pau = getUtility(IAuthentication)
>          principals = pau['principals']
>
> You are relying on implementation details that are not part of the
> IAuthentication interface that you are asking for. If you added a LDAP
> authentication plug-in later on with something like:
>
>      pau['ldap_principals'] =
> ldappas.authentication.LDAPAuthentication()
>      pau['principals'] = PrincipalFolder()
>      pau.authenticatorPlugins = ('principals','ldap_principals',)
>
> Then code such as this would not work:
>
>       def members(self):
>          pau = getUtility(IAuthentication)
>          principals = pau['principals']
>          roster = []
>          for id in sorted(principals.keys()):
>
> Since you wouldn't be displaying any of the LDAP authenticated
> principals (which might be a good thing if your LDAP directory was
> very large ...)
>
> In BabyLoginDemo I created a MemberAuthentication class that wraps up
> a cookie credential implementation and a reliance on a app['members']
> container to provide Member objects that also implement the required
> IPrincipal interface. Although you can join and login to BabyLoginDemo
> right now it's not finished you can't logout and member listing
> doesn't work yet ...
>
> Another package that might be interesting to create would be a PAU
> authenticator plugin that allowed you to configure it to treat any
> arbitrary grok.Container as an authentication source.
>
> _______________________________________________
> Grok-dev mailing list
> Grok-dev at zope.org
> http://mail.zope.org/mailman/listinfo/grok-dev
>

More information about the Grok-dev mailing list