[Zope] Re: login page problem

Cliff Ford Cliff.Ford at ed.ac.uk
Sat Apr 2 11:03:56 EST 2005


Customisation of the login sequence is quite difficult for Newbies 
because there are lots of different ways to approach the problem - you 
have already tried some. I suspect that trying to match what was done in 
PHP may be part of your problem. It would be helpful to know if your 
lists of users are coming from one source, like a database table, or
multiple sources, like multiple tables or different databases, and 
whether users are unique in each district. From there you decide your 
zope folder structure. It could be like this:

site_home
|__acl_users
|__district1
|__district2

or like this:

site_home
|__district1
|    |__acl_users
|__district2
|    |__acl_users

In the second case you would not have to worry about asking the user for 
the district name. In the first case you would get a district name or a 
user defined role for that district from a supplementary data source, 
like a database. A combination of exUserFolder and MySQL would do.

You can get information on the logged in user (Username and Roles) from 
the User object, so you don't need to expicitly use sessions at this 
stage. You should certainly not store passwords - that would be a 
serious breach of confidentiality.

Maybe you should say what you do with the District parameter after the 
user has logged in. Giving advice or examples on ZPT and Python for an 
approach that is probably wrong is just too time-consuming.

Cliff

prabuddha ray wrote:
> Its been very kind of u all to be critical  about a newbie like me.
> I'll definitely lookout for those ettiquetes.
> 
> My python script error got solved as i missed the silly ' ' in the
> response.redirect statemnet.
> I set the user and pwd request vars in sesson var.
> 
> Tried cookie crumbler and MysqlUserFolder and UserFolder also but they
> all need to changed much and my requirements are diffrent.
> 
> I'm building a trial govt. site for stores management which was built
> previously in ASP.
> The login page takes the districtname , username and passwd .
> according to the type of user different menus are displayed.
> 
> For this i need to have the  districtname , username and passwd 
> carried on throughout the session.
> 
> my current requirement is to pass the session vars through the python
> script which is the action of the login form.
> 
> I've gone through the zopebook but dint find much help there.
> 
> can u plz tell me where do i get to know about pythopn scripting done
> in zope n ZPT examples.
> 
> i'm really sorry for my erronous language. please dont overlook theese
> humble requests.
> 
> On Fri, 1 Apr 2005 23:07:38 +0200, Dieter Maurer <dieter at handshake.de> wrote:
> 
>>prabuddha ray wrote at 2005-3-30 23:50 -0800:
>>
>>>...
>>>now my problem how n where do i check d pwd n redirect to the next zpt
>>>or the previous one if its wrong.
>>
>>Apparently, you need some background reading...
>>
>>Especially, you need to understand that HTTP is a stateless
>>protocol and *EACH* request must somehow perform its own
>>authentication. That's why usually login information is
>>(somehow) coded in a cookie.
>>
>>You really should follow the advice to look at an existing
>>UserFolder (they are responsible for authentication).
>>You may need to adapt/extend an existing UserFolder.
>>
>>
>>-- 
>>Dieter
>>
> 
> 


More information about the Zope mailing list