[Zope] Re: login page problem

Cliff Ford Cliff.Ford at ed.ac.uk
Mon Apr 4 11:08:50 EDT 2005 

I am abstracting bits of your email below in case anyone else wants to 
join in.

 > I dint want to built customized login page in 1st place. Actually this
 > is a Govt. stores management site used in my state only bulit all in
 > ASP. I 've to convert this into a Zope and Plone version.
 > So i wanted to get it converted with minimun changes.

If you are going to use Plone I can't offer advice - I have looked at 
Plone on three separate occasions, and recently read The Definitive 
Guide to Plone, and have stil decided not to use it. I only say this to 
make it clear that many applications are built without CMS and Plone.

 > 1> the district name and their users come from 2 seperate Mysql
 > tables. the users are unique in each district.

Two separate tables with User information is awkward! The user folders I 
know of expect user information to come from one source. So you either 
have to create two folders, each with its own acl_users (provided by one 
of the User Folder Products), or you have to hack the User Folder 
product to put in a Union select statement in place of a simple Select.

 > Now the qusetion is how do build this district user folder structure
 > using the database?
 > Hope not manually, because there are 22 districts and about 15 users
 > in each of them pluys head quarters.

You have not said whether the people in the different districts do 
completely different things with different forms, or identical things 
but specifying the district. If the former then it is no big deal to 
create the folders manually, although it can be done programmtically. 
You could set a Local Role equal to the district name and get that role 
for users from the database. That way, users can only enter their own 
district folder. If the latter, then you could retrieve the Username and 
District from the User object for use in the forms (include the District 
as a role).

 > i dint get to know much about coding ZPT's and Script(Python) for
 > them, from the ZPT refs and Zopebook. So wanted some simple working
 > examples.

Try working on the rest of your application to build up ZPT and Python 
experience. As I said, managing users is tricky. Also, be aware that 
Zope experts advise developers to produce file system based Products. 
There are lots of simple Products that you can use and browse the code 
to see how they work.

Cliff


_________________________________________________________________________

prabuddha ray wrote:
> Hi list,
> never before i got such a holistic advice.
> thanks so much Cliff.
> 
> About the 1st mail,
> 
> On Sat, 02 Apr 2005 17:03:56 +0100, Cliff Ford <Cliff.Ford at ed.ac.uk> wrote:
> 
>>Customisation of the login sequence is quite difficult for Newbies
>>because there are lots of different ways to approach the problem - you
>>have already tried some. I suspect that trying to match what was done in
>>PHP may be part of your problem. It would be helpful to know if your
>>lists of users are coming from one source, like a database table, or
>>multiple sources, like multiple tables or different databases, and
>>whether users are unique in each district
> 
> 
> I dint want to built customized login page in 1st place. Actually this
> is a Govt. stores management site used in my state only bulit all in
> ASP. I 've to convert this into a Zope and Plone version.
> So i wanted to get it converted with minimun changes.
> But now as you say i think I should go the way Zope does it . only
> that i'm finding it hard to customize it in Zope.
> 
> 1> the district name and their users come from 2 seperate Mysql
> tables. the users are unique in each district.
> 
> 
>>From there you decide your
>>zope folder structure. It could be like this:
>>
>>site_home
>>|__acl_users
>>|__district1
>>|__district2
>>
>>or like this:
>>
>>site_home
>>|__district1
>>|    |__acl_users
>>|__district2
>>|    |__acl_users
>>
>>In the second case you would not have to worry about asking the user for
>>the district name. In the first case you would get a district name or a
>>user defined role for that district from a supplementary data source,
>>like a database.
> 
> 
> So i think 2nd structure is abetter fit.
> Now the qusetion is how do build this district user folder structure
> using the database?
> Hope not manually, because there are 22 districts and about 15 users
> in each of them pluys head quarters.
> 
> 
>>A combination of exUserFolder and MySQL would do.
> 
> 
> i don know about them, something like mysqluserfolder or
> simpleuserfolder components ?
> 
> 
>>You can get information on the logged in user (Username and Roles) from
>>the User object, so you don't need to expicitly use sessions at this
>>stage. You should certainly not store passwords - that would be a 
>>serious breach of confidentiality.
>>Maybe you should say what you do with the District parameter after the
>>user has logged in.
> 
> 
> I dont need the password but do need the username and district for
> following pages to decide the access rights and the stores available
> inthe districts , also for some report labels.
> 
> 
>>Giving advice or examples on ZPT and Python for an
>>approach that is probably wrong is just too time-consuming.
>>
>>Cliff
> 
> 
> i dint get to know much about coding ZPT's and Script(Python) for them,
>  from the ZPT refs and Zopebook. So wanted some simple working examples.
> 
> About 2nd mail,
> 
> On Sun, 03 Apr 2005 09:39:01 +0100, Cliff Ford <Cliff.Ford at ed.ac.uk> wrote:
> 
>>I have been trying to think of ways of providing specific pointers, So, 
>>assuming you have a custom login page and a custom python script that 
>>processes that page:
>>
>>In the Python script you could set a cookie for the District:
>>
>>context.REQUEST.RESPONSE.setCookie('District', district)
>>
>>where district is the name of the District field in the form. The 
>>District parameter is then always available to your page templates and 
>>scripts in the REQUEST object.
>>
>>At the end of your login script you would typically redirect to some 
>>specific page like this:
>>
>>return context.REQUEST.RESPONSE.redirect('aURL')
>>
>>in exUserFolder you don't have to do anything else - the login works by 
>>magic, which is very confusing.
> 
> 
> 
> Are these above said things not possible in exUserFolder. how do i
> customize it for my problem?
> 
> 
>>Now for the problems:
>>
>>If the login is wrong the system will call /standard_error_message, so 
>>you have to customise that to send the user back to the login form with 
>>a Login failed message.
>>
>>If the user bookmarks a protected page and tries to jump to it without 
>>being logged in, the system will call the login sequence starting in 
>>acl_users, so you have to customise that to call your own login page.
>>
>>After the user has logged in, whenever you need to get the Username you 
>>would typically use a python script like this:
>>
>>from AccessControl import getSecurityManager
>>return getSecurityManager().getUser().getUserName()
>>
>>HTH
>>
>>Cliff
> 
> 
> So this is what can be done if I use exUserFolder ?
> Hope a reply soon.

More information about the Zope mailing list