On 2/22/11 10:12 , Chris Withers wrote:
Hi All,
Suppose I have a user object that behaves something like:
class User:
def __init__(self,name,password):
self.name,self.password = name,password
def authenticate(self,password):
return self.password==password
def allowed(self,permission):
... stuff ...
Now, for the sake of argument, lets say this object is expensive to
obtain from its persistent storage, which I suspect may often be the
case...
It feels like in order to do both authentication and authorisation, I
need to obtain this user two or three times, once in the authentication
middlewear, once in the authentication policy and once in the
authorization policy.
If, say, I instantiate this user in the authentication middlewear,
where's there "right" place to put this user object so that I don't have
to instantiate it again when I need it for the authentication and
authorization policies?
Either the environ or stick it on the request.
Wichert.
--
You received this message because you are subscribed to the Google Groups
"pylons-devel" group.
To post to this group, send email to pylons-devel@googlegroups.com.
To unsubscribe from this group, send email to
pylons-devel+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/pylons-devel?hl=en.
