[Zope] AUTHENTICATED_USER.getUserName()

John Williams J.A.R.Williams@aston.ac.uk
08 Mar 2000 07:51:54 +0000


>Is there a HOW-TO or other documentation that shows how to set up a login
>page so that you can use AUTHENTICATED_USER.getUserName()?  Thanks in
>advance for any help/pointers provided.

I don't know if there is a how-to but the way I do this is very
simple. I have a simple form with only a submit button with name login
(it appears on a sidebar of the web site).  When it is clicked it
posts to the current URL.

<dtml-if isRegistered>
You are 
<dtml-in "AUTHENTICATED_USER.getRoles()">
<dtml-var sequence-item> 
</dtml-in>
<b><dtml-var "AUTHENTICATED_USER.getUserName()"></b>
<dtml-else>
<FORM ACTION="<dtml-var baseURL>" METHOD="POST">
<INPUT NAME="logon" TYPE="SUBMIT" VALUE="Logon">
</form>
</dtml-if>

In the start of every page I call a method to check for 'login' in the
REQUEST variable. If it exists I calls or references an empty method
which anonymous users have no rights to but which authenticated users
do have access to (with ID login in this example.

<dtml-if "REQUEST.has_key('logon')"><dtml-var logon></dtml-if>
<dtml-call "REQUEST.set('isRegistered',AUTHENTICATED_USER.has_role(['Staff','Student','Manager']))">

Zope will therefore invoke the authentication mechanism which means
the browser will ask for a login a password as usual. From there on
the user will have been authenticated and you can check their name and
what role(s) they have in the current context. 

As you can see once with the code given here the user has logged in
instead of a login button they will see a message giving their
username and global role(s).

Hope this helps.

-- 
Dr. John A.R. Williams
Photonics Research Group
Telecommunications Technology Programme Director
Aston University