[Zope3-checkins] SVN: Zope3/trunk/ Improve 'camefrom' parameter
when credential plugin redirect to the login page.
Florent Xicluna
laxyf at yahoo.fr
Sat Sep 30 05:13:19 EDT 2006
Log message for revision 70447:
Improve 'camefrom' parameter when credential plugin redirect to the login page.
Previously, the 'camefrom' was only keeping the traversed URL.
Now it redirects to the requested URL, including query string.
Changed:
U Zope3/trunk/doc/CHANGES.txt
U Zope3/trunk/src/zope/app/authentication/session.py
-=-
Modified: Zope3/trunk/doc/CHANGES.txt
===================================================================
--- Zope3/trunk/doc/CHANGES.txt 2006-09-29 20:36:10 UTC (rev 70446)
+++ Zope3/trunk/doc/CHANGES.txt 2006-09-30 09:13:17 UTC (rev 70447)
@@ -129,6 +129,10 @@
Bug fixes
+ - When a credential plugin redirects to the login page, it memorizes
+ the requested URL in the 'camefrom' GET parameter.
+ The 'camefrom' parameter was not accurate.
+
- Fixed a bug in getImageInfo which could cause an
UnboundLocalError under certain conditions.
Modified: Zope3/trunk/src/zope/app/authentication/session.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/session.py 2006-09-29 20:36:10 UTC (rev 70446)
+++ Zope3/trunk/src/zope/app/authentication/session.py 2006-09-30 09:13:17 UTC (rev 70447)
@@ -206,7 +206,7 @@
'password': credentials.getPassword()}
def challenge(self, request):
- """Challenges by redirecting to a loging form.
+ """Challenges by redirecting to a login form.
To illustrate, we'll create a test request:
@@ -230,7 +230,7 @@
>>> request.response.getStatus()
302
>>> request.response.getHeader('location')
- 'http://127.0.0.1/@@loginForm.html?camefrom=http%3A%2F%2F127.0.0.1'
+ 'http://127.0.0.1/@@loginForm.html?camefrom=%2F'
The plugin redirects to the page defined by the loginpagename
attribute:
@@ -239,24 +239,30 @@
>>> plugin.challenge(request)
True
>>> request.response.getHeader('location')
- 'http://127.0.0.1/@@mylogin.html?camefrom=http%3A%2F%2F127.0.0.1'
+ 'http://127.0.0.1/@@mylogin.html?camefrom=%2F'
It also provides the request URL as a 'camefrom' GET style parameter.
To illustrate, we'll pretend we've traversed a couple names:
- >>> request._traversed_names = ['foo', 'bar']
- >>> request.getURL()
- 'http://127.0.0.1/foo/bar'
+ >>> env = {
+ ... 'REQUEST_URI': '/foo/bar/folder/page%201.html?q=value',
+ ... 'QUERY_STRING': 'q=value'
+ ... }
+ >>> request = TestRequest(environ=env)
+ >>> request._traversed_names = [u'foo', u'bar']
+ >>> request._traversal_stack = [u'page 1.html', u'folder']
+ >>> request['REQUEST_URI']
+ '/foo/bar/folder/page%201.html?q=value'
When we challenge:
>>> plugin.challenge(request)
True
- We see the 'camefrom' points to the traversed URL:
+ We see the 'camefrom' points to the requested URL:
>>> request.response.getHeader('location') # doctest: +ELLIPSIS
- '.../@@mylogin.html?camefrom=http%3A%2F%2F127.0.0.1%2Ffoo%2Fbar'
+ '.../@@mylogin.html?camefrom=%2Ffoo%2Fbar%2Ffolder%2Fpage+1.html%3Fq%3Dvalue'
This can be used by the login form to redirect the user back to the
originating URL upon successful authentication.
@@ -265,7 +271,15 @@
return False
site = hooks.getSite()
- camefrom = request.getURL()
+ # We need the traversal stack to complete the 'camefrom' parameter
+ stack = request.getTraversalStack()
+ stack.reverse()
+ # Better to add the query string, if present
+ query = request.get('QUERY_STRING','')
+
+ camefrom = '/'.join([request.getURL(path_only=True)] + stack)
+ if query:
+ camefrom = camefrom + '?' + query
url = '%s/@@%s?%s' % (absoluteURL(site, request),
self.loginpagename,
urlencode({'camefrom': camefrom}))
More information about the Zope3-Checkins
mailing list