Re: [flask] Flask Principal Question
- From:
- Jonathan Chen
- Date:
- 2011-04-10 @ 22:38
Thanks for the code snippets. It really sparking some thinking and design
ideas for my web app. The other thing that I wanted to point out is what is
the difference between using sessions or g for storing user specific data?
~Jonathan C.
On Sun, Apr 10, 2011 at 2:09 AM, Ishbir Singh <ishbir24@gmail.com> wrote:
> I personally use my own system; simply because I find Flask-Principal hard
> to use and inadequate for my needs. I implemented this module for a project
> of mine-
>
> http://pastebin.com/7xaDi2SU
>
> Use it like:
>
> @require(Identity) # require user to be logged in
> def hello():
> return 'Hey'
>
> @require(Identity(None)) # user to be logged out
> def login():
> return 'Login form'
>
> @require(Identity('Admin')) # username=Admin
> def edit():
> return 'Edit'
>
> @require(SomeCallable) # SomeCallable is a function returning a boolean
> value
> def something():
> return 'something'
>
> @require(Permission('can delete'))
> def delete():
> return 'delete'
>
> Check the source out for more.. its thoroughly commented.
>
>
> On Sat, Apr 9, 2011 at 12:03 AM, Jonathan Chen <tamasiaina@gmail.com>wrote:
>
>> Hey,
>>
>> I am planning to add some security into my app. I'm just wondering about
>> flask principal. Is it ready to use right now or do I should I wait and use
>> a homebuilt security system.
>>
>> ~Jonathan C.
>>
>
>
>
> --
> Ishbir Singh
>
Re: [flask] Flask Principal Question
- From:
- Drew Vogel
- Date:
- 2011-04-10 @ 23:57
On Sun, Apr 10, 2011 at 5:38 PM, Jonathan Chen <tamasiaina@gmail.com> wrote:
> The other thing that I wanted to point out is what is the difference
> between using sessions or g for storing user specific data?
>
> ~Jonathan C.
>
>
Data stored in the session object persists across requests while g is
initially empty with each request. The documentation for g says:
"Just store on this whatever you want. For example a database connection or
the user that is currently logged in."
However that should read more like:
"Just store on this whatever you want. For example, your authentication
decorator could copy the authenticated user id from the session object for
more terse access."
Drew Vogel
Re: [flask] Flask Principal Question
- From:
- Jonathan Chen
- Date:
- 2011-04-11 @ 00:16
thanks for the info that clears up a lot of things. For a while I thought
they were both the same :P I need to read more carefully.
~Jonathan C.
On Sun, Apr 10, 2011 at 4:57 PM, Drew Vogel <drewpvogel@gmail.com> wrote:
> On Sun, Apr 10, 2011 at 5:38 PM, Jonathan Chen <tamasiaina@gmail.com>wrote:
>
>> The other thing that I wanted to point out is what is the difference
>> between using sessions or g for storing user specific data?
>>
>> ~Jonathan C.
>>
>>
> Data stored in the session object persists across requests while g is
> initially empty with each request. The documentation for g says:
>
> "Just store on this whatever you want. For example a database connection or
> the user that is currently logged in."
>
> However that should read more like:
>
> "Just store on this whatever you want. For example, your authentication
> decorator could copy the authenticated user id from the session object for
> more terse access."
>
> Drew Vogel
>