[Zope] html form authentication

Eron Lloyd elloyd@lancaster.lib.pa.us
Sun, 30 Mar 2003 15:49:27 -0500 

Perhaps it would be quite valuable to take CookieCrumbler or some equivalen=
t =20
and have it migrated into the official core (like the Core Session Manager=
=20
was)? It seems enough people are looking for this feature...

Regards,

Eron

On Sunday 30 March 2003 12:24 pm, Jens Vagelpohl wrote:
> use the CookieCrumber product (-> search zope.org) to do cookie-based
> authentication. do not attempt to "hand-roll" authentication by calling
> methods on the user folder. it will not work.
>
> jens
>
> On Sunday, Mar 30, 2003, at 10:58 US/Eastern, I=F1igo Serna wrote:
> > Hello,
> >
> > I want to authenticate users from acl_users with my own HTML form and
> > a python script.
> > I can't use user._getPassword() because it's an internal method.
> > and it seems user.authenticate function calls browser authentication
> > again.
> > How could I achieve this?
> >
> > This is the code I use:
> >
> > *************** ZPT "form" ***************
> > ...
> >         <form action=3D"login" method=3D"post">
> >           <table class=3D"form">
> >             <tbody>
> >               <tr>
> >                 <th class=3D"text">Name: </th>
> >                 <td><input name=3D"user" size=3D"12" maxlength=3D"12"
> > value=3D""></td>
> >               </tr>
> >               <tr>
> >                 <th class=3D"text">Password: </th>
> >                 <td><input name=3D"password" type=3D"password" size=3D"=
12"
> > maxlength=3D"8" value=3D""></td>
> >               </tr>
> >               <tr><td>&nbsp;</td></tr>
> >               <tr>
> >                 <td align=3D"center">
> >                   <input type=3D"reset" value=3D"Clean">
> >                 </td>
> >                 <td align=3D"center">
> >                   <input type=3D"SUBMIT" value=3D"Submit">
> >                 </td>
> >               </tr>
> >             </tbody>
> >           </table>
> >         </form>
> > ...
> > *********************************************
> >
> > *************** Script (Python) "login" ***************
> > request =3D container.REQUEST
> > RESPONSE =3D  request.RESPONSE
> > user =3D container.acl_users.getUser(request.user)
> > try:
> >     if user.authenticate('the_password', request):
> >         print 'OK'
> >     else:
> >         print 'FAILED'
> > except AttributeError:
> >     print 'User doesn\' exist'
> > return printed
> > *********************************************
> >
> > Thanks in advance,
> > I=F1igo
> > <signature.asc>
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://mail.zope.org/mailman/listinfo/zope-announce
>  http://mail.zope.org/mailman/listinfo/zope-dev )
> ---
> [This E-mail scanned for viruses by Declude Virus]