[Zope] Create an account with cookiecrumbler

Dieter Maurer dieter@handshake.de
Wed, 12 Sep 2001 22:30:53 +0200 (CEST)


Gilles Lenfant writes:
 > Then I add some instructions in this script to log this new user with
 > CookieCrumbler, as indicated in the default provided "login_form"
 > 
 > ....
 > context.acl_users.manage_users(submit='Add', REQUEST=context.REQUEST)
 > 
 > context.REQUEST.form['__ac_name'] = form['newusername']
 > context.REQUEST.form['__ac_password'] = form['newpassword']
 > context.REQUEST.form['__ac_persistent'] = '1'
 > context.REQUEST.form['came_from'] = 'minimum_html'
 > return context.logged_in(context, REQUEST=context.REQUEST)
 > 
 > What's strange :
 > 
 > 1/ This does not work
 > 
 > 2/ The new user is not created when adding the lines that _try to_ log using
 > CookieCrumbler
When you read

  <http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html>

you will see that ZPublisher performs authentication only
once, *BEFORE* it calls the object identified by the request
URL.

As a consequence, your modifications to "REQUEST.form" are
not seen by CookieCrumbler because it is not called after
the changes.

This explains 1)

2) is clear too: because there is no reauthentication, your
"logged_in" raises an Unauthorized exception.
This exception, like all exceptions, aborts the current
transaction: the ZODB is not modified.

You should "redirect" after you added the user.
This will cause a new request together with a new authentication.


Dieter