Ok, so I'm trying to do some auth using request_started.
@contextmanager
def configure_auth(app):
request_started.connect(@contextmanager
def configure_auth(app):
request_started.connect(check_authenticated, app), app)
and then:
def check_authenticated(sender):
# code: do I need to login?
# code: am i logged in?
if not authenticated:
# code: now I would lie to redirect to a login page
But how can I redirect? I can't send a response from a signal.
Any ideas?
Col
Why authenticate from a signal ? Why not use a before_request handler ? On 20 November 2010 09:09, Col Wilson <colwilson@bcs.org> wrote: > Ok, so I'm trying to do some auth using request_started. > > @contextmanager > def configure_auth(app): > request_started.connect(@contextmanager > def configure_auth(app): > request_started.connect(check_authenticated, app), app) > > and then: > > def check_authenticated(sender): > # code: do I need to login? > # code: am i logged in? > if not authenticated: > # code: now I would lie to redirect to a login page > > But how can I redirect? I can't send a response from a signal. > > Any ideas? > > > Col >
Yes, I can see that now. Signals are meant to be fire and forget after all. Auth is an area where I do feel there's a bit of a whole in the docs, or at least the cookbook since we tend to build our own. Surely all you pros out there must have a reasonably standard approach to how to do it? On Sat, Nov 20, 2010 at 9:44 AM, danjac354@gmail.com <danjac354@gmail.com> wrote: > Why authenticate from a signal ? Why not use a before_request handler ? > > On 20 November 2010 09:09, Col Wilson <colwilson@bcs.org> wrote: >> Ok, so I'm trying to do some auth using request_started. >> >> @contextmanager >> def configure_auth(app): >> request_started.connect(@contextmanager >> def configure_auth(app): >> request_started.connect(check_authenticated, app), app) >> >> and then: >> >> def check_authenticated(sender): >> # code: do I need to login? >> # code: am i logged in? >> if not authenticated: >> # code: now I would lie to redirect to a login page >> >> But how can I redirect? I can't send a response from a signal. >> >> Any ideas? >> >> >> Col >> >
On 20 November 2010 10:14, Col Wilson <colwilson@bcs.org> wrote: > Yes, I can see that now. Signals are meant to be fire and forget after all. > > Auth is an area where I do feel there's a bit of a whole in the docs, > or at least the cookbook since we tend to build our own. Surely all > you pros out there must have a reasonably standard approach to how to > do it? > It depends on your needs really. The simplest case is something like this: @app.before_request def authenticate(): if 'userid' in session: g.user = UserModel.get(session['userid']) else: g.user = None To prevent a user from accessing a view, a decorator is best - an example is here : http://flask.pocoo.org/docs/patterns/viewdecorators/#login-required-decorator In the case of a Module you can again use a before_request handler. For more complex requirements I'd recommend Flask-Principal http://packages.python.org/Flask-Principal/ > On Sat, Nov 20, 2010 at 9:44 AM, danjac354@gmail.com > <danjac354@gmail.com> wrote: >> Why authenticate from a signal ? Why not use a before_request handler ? >> >> On 20 November 2010 09:09, Col Wilson <colwilson@bcs.org> wrote: >>> Ok, so I'm trying to do some auth using request_started. >>> >>> @contextmanager >>> def configure_auth(app): >>> request_started.connect(@contextmanager >>> def configure_auth(app): >>> request_started.connect(check_authenticated, app), app) >>> >>> and then: >>> >>> def check_authenticated(sender): >>> # code: do I need to login? >>> # code: am i logged in? >>> if not authenticated: >>> # code: now I would lie to redirect to a login page >>> >>> But how can I redirect? I can't send a response from a signal. >>> >>> Any ideas? >>> >>> >>> Col >>> >> >
Thanks a lot, that really helped. On Sat, Nov 20, 2010 at 10:21 AM, danjac354@gmail.com <danjac354@gmail.com> wrote: > On 20 November 2010 10:14, Col Wilson <colwilson@bcs.org> wrote: >> Yes, I can see that now. Sigldnrals are meant to be fire and forget after all. >> >> Auth is an area where I do feel there's a bit of a whole in the docs, >> or at least the cookbook since we tend to build our own. Surely all >> you pros out there must have a reasonably standard approach to how to >> do it? >> > > It depends on your needs really. The simplest case is something like this: > > @app.before_request > def authenticate(): > if 'userid' in session: > g.user = UserModel.get(session['userid']) > else: > g.user = None > > To prevent a user from accessing a view, a decorator is best - an > example is here : > http://flask.pocoo.org/docs/patterns/viewdecorators/#login-required-decorator > > In the case of a Module you can again use a before_request handler. > > For more complex requirements I'd recommend Flask-Principal > > http://packages.python.org/Flask-Principal/ > > > >> On Sat, Nov 20, 2010 at 9:44 AM, danjac354@gmail.com >> <danjac354@gmail.com> wrote: >>> Why authenticate from a signal ? Why not use a before_request handler ? >>> >>> On 20 November 2010 09:09, Col Wilson <colwilson@bcs.org> wrote: >>>> Ok, so I'm trying to do some auth using request_started. >>>> >>>> @contextmanager >>>> def configure_auth(app): >>>> request_started.connect(@contextmanager >>>> def configure_auth(app): >>>> request_started.connect(check_authenticated, app), app) >>>> >>>> and then: >>>> >>>> def check_authenticated(sender): >>>> # code: do I need to login? >>>> # code: am i logged in? >>>> if not authenticated: >>>> # code: now I would lie to redirect to a login page >>>> >>>> But how can I redirect? I can't send a response from a signal. >>>> >>>> Any ideas? >>>> >>>> >>>> Col >>>> >>> >> >