[Zope] Another Zope Site
Jim Washington
jwashin@vt.edu
Thu, 23 Dec 1999 15:35:04 +0000
julio dinis wrote:
>
> Hi Jim, your mission if you accept it... :-)
OK, hmmm...
> Right now we are integrating the ZRTChat with other
> classes to achieve our specific goals, and had not already worked a lot on
> the ZRTChat, but as soon as we make new features we post on the list.
>
> One feature we would like is to force user authentication, to avoid
> duplicate nicks logged at the same time, and with a password to avoid
> another person to use your nickname and then being able to chat on your
> behalf.
The easy answer is to replace the value of the zrtcuser variable where
it shows up in <input type=hidden> in ZRTChatClass.formframe to
something like <dtml-var "_[AUTHENTICATED_USER.GetName()]">, then put
the chat item in a protected folder, and let Zope take care of
authentication. This would require additional minor modifications to
formframe to get rid of the login and make a different action for the
logout button.
For a general solution, I would probably put a "zrtc_secure_chat"
boolean in the management interface and recode a bit with <dtml-if
zrtc_secure_chat>
Perhaps this switch is not necessary: Is there a way for an object to
know whether it is in a protected folder?
-- Jim Washington