1.2.1 Password Protecting Your Code

At the heart of the module is the single function start(). This is where all the options are specified.

Here is an example program:

import web, web.database, web.auth, web.session

# Open the database that holds both the session store and the user records
connection = web.database.connect(type='mysql', database='test')
cursor     = connection.cursor()
# Session data (including web.auth's last-access time) is kept in the database
session    = web.session.start(storage='database', cursor=cursor, app='test')
# Build the user object; no app given, so it inherits the session's app name ('test')
user       = web.auth.start(
                 session, storage='database', cursor=cursor,
                 idle=100, expire=200
             )
if user.valid():
    print "Content-type: text/plain\n\n"
    print user.username, ' is signed in with access level ', user.accessLevel

connection.commit()

As you can see from the code, the start function takes a web.session object as its first parameter. This is because the web.auth module stores certain variables, such as the last time a page was accessed by the user, in the session store.

The start function also needs to know where all the information about the users is stored. In this case it is stored in a database which can be accessed through the web.database cursor named cursor. The module also supports the use of a file store for the information. You use the setup() function to actually set up applications and users. The start() function is used to create a user object.

The idle parameter specifies the maximum number of seconds that the user can take between visiting two pages before they are signed out. The expire parameter is the maximum number of seconds the user can stay signed in before they are signed out, regardless of how frequently they visit the pages.

There is actually a lot going on behind the scenes in this example and it is worth spending some time going through it in detail.

The user.valid() method determines if the user is logged in and has a sufficiently high accessLevel to use the application. If the user is valid, information about the user is populated into the variables user.username, user.firstname, user.surname, user.password, user.accessLevel and user.email.
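As an added illustration (not the web.auth module's own code), the following Python 3 sketch applies the three rules described above for user.valid(): the absolute expire limit, the idle limit between page visits, and a minimum accessLevel. The SessionRecord fields, the AuthChecker class and demo() are hypothetical names chosen for this example.

```python
import time
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed stand-in for the per-user data web.auth keeps in the session
# store (hypothetical field names; not the module's own schema).
@dataclass
class SessionRecord:
    username: str
    access_level: int
    signed_in_at: float  # epoch seconds when the sign-in succeeded
    last_access: float   # epoch seconds of the most recent page visit


class AuthChecker:
    """Hypothetical equivalent of the idle/expire/accessLevel rules that
    user.valid() applies; not the web.auth implementation."""

    def __init__(self, idle: int, expire: int, required_level: int = 1):
        self.idle = idle                    # max seconds between two page visits
        self.expire = expire                # max seconds since sign-in, whatever the activity
        self.required_level = required_level

    def valid(self, rec: Optional[SessionRecord], now: Optional[float] = None) -> Tuple[bool, str]:
        """Return (is_valid, reason). Only a passing check refreshes last_access,
        so a rejected request can never extend a session."""
        now = time.time() if now is None else now
        if rec is None:
            return False, "not signed in"
        # Absolute lifetime is checked first: frequent visits must not keep
        # a session alive past `expire`.
        if now - rec.signed_in_at > self.expire:
            return False, "session expired"
        if now - rec.last_access > self.idle:
            return False, "idle timeout"
        if rec.access_level < self.required_level:
            return False, "insufficient access level"
        rec.last_access = now
        return True, "ok"


def demo() -> List[Tuple[bool, str]]:
    """Walk one session through the page's idle=100, expire=200 settings."""
    checker = AuthChecker(idle=100, expire=200, required_level=1)
    rec = SessionRecord("alice", access_level=2, signed_in_at=1000.0, last_access=1000.0)
    results = []
    for t in (1090.0, 1180.0, 1210.0):   # visits 90 s apart, then one past expiry
        results.append(checker.valid(rec, now=t))
    return results
```

The third visit in demo() is rejected even though only 30 seconds passed since the previous one, which is exactly the "regardless of how frequently they visit" behaviour of expire.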

Note that in the example above no app name was specified in the web.auth.start function. If this is the case the auth object is given the same app name as the session object. In this case the auth object therefore has the app name 'test'.

The web.auth module allows a user to have different access to different applications. Each application is named using the app parameter which is why it is so important.

The start() function takes many parameters which can customise the templates used, the behaviour on successful sign in and even provide functionality for password reminders to be sent if the user cannot sign in. All these features are handled automatically by the valid() method demonstrated above. This means that you can add a serious amount of power to your code in just two lines.
