 |
 |
 |
Module Reference |  |
 |
 |
|
|
|
Module Reference | |
|
|
The web.auth.start() function has the following parameters:
| session[, storage='database'][, cursor=None][, expire=0][, idle=0][, signInForm=None][, autoSignIn=False][, autoRedirect=False][, redirect=None][, includeQuery=False][, stickyData=][, reminderForm=None][, email=None][, app=None][, accessDenied=None][, emailMessage=None][, htmlPage=None][, encryption=None][, table='Auth'][, dir=None][, debug=False][, checkSignInAttempt=False]) |
Warning:
Because more options may be specified in future versions of this function you should not rely on the order of these parameters. Instead they should be specified with the parameter name and an = sign as is used in the examples in this documentation.
'database' or 'file'.
If storage is 'database' you must also specify cursor to be a valid web.database cursor. By default the necessary database tables beign with 'Auth'. If you want them to begin with something else, perhaps if you want two lots of auth storage in the same database, you can specify the table prepend string using table. For example table='Auth2' would create the tables Auth2Level, Auth2User and Auth2App.
If storage is 'file' you must also specify a directory dir which allows read and write access where the auth information is stored.
None to disable encryption of the stored passwords or 'md5' to generate md5 checksums of the passwords.
True will automatically display a signInForm if the user is not signed in. Note:
If this is set to False you will need to implement your own sign in form system or no information will be displayed and the browser will show an empty page or think you are trying to download a file.
[templateType, templateString] where templateType can be any template type supported by web.template, for example 'python', 'cheetah' etc. templateString should be a string containing the template text for the sign in form. The template should contain the keys name for the form name, action for the form action, method for the form method, stickyData for hidden fields specified in stickyData, username which is the current username, message for the error message and error for the error code which will be displayed in comments if debug is True. If not specified the template web.auth.template.signForm is used. The sign in form must have a hidden field named signIn with a value True for the module to work.
[templateType, templateString] where templateType can be any template type supported by web.template, for example 'python', 'cheetah' etc. templateString should be a string containing the template text for the password email reminder form. The template should contain the keys name for the form name, action for the form action, method for the form method and stickyData for hidden fields specified in stickyData. If not specified the template web.auth.template.reminderForm is used.
[templateType, templateString] where templateType can be any template type supported by web.template, for example 'python', 'cheetah' etc. templateString should be a string containing html page. The template should contain the keys title for the page title and content for the position where the sign in form should be displayed. If not specified the template web.auth.template.htmlPage is used.
web.auth.templates.errorCodes:
errorCodes = {
'LOGIN' : ['Please Sign In',''],
'REMINDER' : ['Enter Email Address',''],
'EXPIRED' : ['Please Sign In','The session expired and you have been signed out.'],
'IDLED' : ['Please Sign In','The session has been left idle for too long and you have been signed out.'],
'NO_USER' : ['Please Sign In','The username specified in your session does not exist. Try signing in again.'],
'NO_SESSION' : ['Please Sign In','There is no session information for the username you are using. This may be because you have been signed out.'],
'WRONG_USERNAME' : ['Please Sign In','The username you have specified does not exist.'],
'WRONG_PASSWORD' : ['Please Sign In','The password is incorrect.'],
'NO_USER_ENTERED' : ['Please Sign In','Please enter a username.'],
'PASS_REMINDER_SENT': ['Reminder Sent','A password reminder has been sent. Please check your email.'],
'ACCESS_DENIED' : ['Please Sign In','You do not have access rights to use this application.'],
'EMAIL_NOT_FOUND' : ['Enter Email Address','Email address not found. Please enter the email address your account was registered with.'],
'NO_PASSWORD' : ['Please Sign In','No password entered.'],
'NO_AUTO_SIGN_IN' : ['Please Sign In','The user is not signed in and autoSignIn mode is not enabled.'],
}
email should be a dictionary with the keys: 'system' which should be a string containing the name of the website, 'sender' which is the name of the person the email should come from, 'reply' which is the email address of the sender, 'method' can be 'sendmail' or 'smtp' depending on how you want the mail delivered, 'sendmail' is the path to sendmail and is only needed if 'method' is 'sendmail', 'smtp' is the SMTP server to use and is only needed if 'method' is 'smtp', 'template' is the template for the email message and 'type' is the type of the template.
For example:
email = {
'system':'Python Web Login System',
'sender':'System Administrator',
'reply':'sysadmin@example.com',
'method':'sendmail',
'sendmail':'/usr/bin/sendmail',
'smtp':'smtp.ntlworld.com',
'type':'python',
'template':"""
Dear %(firstname)s,
Your password for the %(system)s is shown below.
%(password)s
You should be able to use this password to sign in.
Best wishes,
%(sender)s
"""
}
True will automatically redirect the user to the page they tried to visit before they signed in. If redirect and includeQuery are not specified the browser will redirect to the page for the sign in script without any query arguments.
Note: Doesn't work with the test webserver distributed with the web modules.
True. If specified, redirect is the URL to redirect to.
True. If includeQuery is True the browser will redirect to the URL which was visited.
True then the error code will be displayed in HTML comments in the source of each screen from the auth system.
True the code will check to see if a user is attempting to sign in before checking to see if a valid user is already signed in. This means that a user can sign in with a different username without first having to sign out. If checkSignInAttempt is False the module would not notice a user was signing in and would display the page ignoring the sign in attempt.
The module makes the check by looking for the cgi key username. This means that you can't use username as a cgi key if checkSignInAttempt is True as the module will think a user is attempting to sign in.
content and title.
htmlPageRegions = {'content':'customContentRegion','title':'customTitleRegion'}
The Auth object returned by the start() function has the following methods and attributes:
| ) |
| ) |
True if they are. Does not provide any sign in functionality.
| ) |
True if they are. If the user is not signed in and autoSignIn is True, this function prints a sign in page and will handle subsequent sign in attempts automatically.
| ) |
| [error=''][,username=''][,stickyData={}]) |
| [error=''][,stickyData={}]) |
None if there is no user.
None if there is no user.
None if there is no user.
None if there is no user. If encryption is being used, this is the encrypted password.
None if there is no user.
None if there is no user.
user.level[user.app] is the same as user.accessLevel
True if a user is signed in, False otherwise.
|
|
|
Module Reference | |
|
|