[Zope] Access Rule

Dylan Reinhardt zope@dylanreinhardt.com
24 Jun 2003 10:00:51 -0700 

This should answer most of your questions:

http://www.zope.org/Documentation/Books/ZopeBook/2_6Edition/Sessions.stx

Dylan



On Tue, 2003-06-24 at 09:14, Andrew R. Halko wrote:
> Out of plain curiosity, how does it relate a "session" with a
> user/browser.  Keeping track of IP address in Zope and relating them?
> 
> Andrew R. Halko
> 
> -----Original Message-----
> From: Dylan Reinhardt [mailto:zope@dylanreinhardt.com] 
> Sent: Tuesday, June 24, 2003 12:33 PM
> To: Andrew R. Halko
> Cc: zope@zope.org
> Subject: Re: [Zope] Access Rule
> 
> On Tue, 2003-06-24 at 07:20, Andrew R. Halko wrote:
> > I created an access rule in Plone, not the root and I need to find if
> a
> > user is logged in.  I was told that can't be done, 
> 
> Not without some work, anyway.  :-)
> 
> > but doesn't there
> > have to be a something transferred between pages to tell if someone is
> > logged in. 
> 
> Zope doesn't have the same notion of "logged in" and "sessions" that
> other systems do.  Once you've authenticated, your authentication will
> persist so long as you keep that browser open.  You remain "logged in"
> even between server restarts.  I've maintained sessions like this for
> weeks at a time; in theory you could stay logged in forever.
> 
> Knowing this, your question can be re-framed as "how can I check which
> users have authenticated and/or used the system in the last X minutes?" 
> You'll want to create some method that records a timestamp related to a
> userid.  Call this method whenever a "session-maintaining" event (i.e.,
> a login or request) takes place.  One way to do this would be to call
> your "session" method in a header/footer method.  
> 
> Then create another method that can extract this information such that
> you can determine which users have accessed the system recently and/or
> check a specific user's currency.
> 
> There are any number of ways you can implement this... properties, an
> RDBMS, a custom product... but that's the general approach I'd take.
> 
> HTH,
> 
> Dylan
> 
>