Hi
Check the value of 'user' and 'user.groups' in groupfinder.
If groupfinder returns None, authenticated_userid returns None too.
2013/09/29 20:29 "Chung WONG" <[email protected]>:
> Hi all,
>
> I am learning pyramid auth and I found i couldn't get authenticated_userid
> in a view callable.
> the auth is done via ajax, which posts email and password to the login_view
>
> # views.py
>
> @view_config( route_name='login', renderer='json')
> def login_view(request):
> * # print request*
> # print authenticated_userid(request) *
> *
> user=request.json_body['email']
> headers=remember(request,user)
> request.response.headerlist.extend(headers)
> * # print headers*
> return {'user':{'id': "521e9fb2e4b0846ddad8f15e", 'email': user,
> 'firstName': "Admin", 'lastName': "User", 'admin': True}}
>
> *print headers printed *
> [('Set-Cookie',
> 'auth_tkt="080e6308afec26c5207ea0352dc453079185452dacd60028f160a0cac8597a2d0ca23b7e55817e6754ea7724af24ccefa81090c375093aec9f690b0141b8fd1d52480caebHVzZXJAYXNkZi5jb20%3D!userid_type:b64unicode";
> Path=/'), ('Set-Cookie',
> 'auth_tkt="080e6308afec26c5207ea0352dc453079185452dacd60028f160a0cac8597a2d0ca23b7e55817e6754ea7724af24ccefa81090c375093aec9f690b0141b8fd1d52480caebHVzZXJAYXNkZi5jb20%3D!userid_type:b64unicode";
> Path=/; Domain=localhost'), ('Set-Cookie',
> 'auth_tkt="080e6308afec26c5207ea0352dc453079185452dacd60028f160a0cac8597a2d0ca23b7e55817e6754ea7724af24ccefa81090c375093aec9f690b0141b8fd1d52480caebHVzZXJAYXNkZi5jb20%3D!userid_type:b64unicode";
> Path=/; Domain=.localhost')]
>
> So now If I do a second call to the login_view,
> *print request printed*
> POST /login HTTP/1.1
> Accept: application/json, text/plain, */*
> Accept-Encoding: gzip,deflate,sdch
> Accept-Language: en-GB,en-US;q=0.8,en;q=0.6
> Cache-Control: no-cache
> Content-Length: 45
> Content-Type: application/json;charset=UTF-8
> Cookie: pdtb=hide;
> auth_tkt="080e6308afec26c5207ea0352dc453079185452dacd60028f160a0cac8597a2d0ca23b7e55817e6754ea7724af24ccefa81090c375093aec9f690b0141b8fd1d52480caebHVzZXJAYXNkZi5jb20%3D!userid_type:b64unicode"
> Host: localhost:6543
> Origin: http://localhost:6543
> Pragma: no-cache
> Referer: http://localhost:6543/
> User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,
> like Gecko) Chrome/28.0.1500.71 Safari/537.36
> {"email":"[email protected]","password":"luser"}
>
> while
> print authenticated_userid(request) printed
> None
>
> Here are the *Root* and *callback*
> *
> *
> class Root(object):
> __acl__ = [
> (Allow, Authenticated, 'create'),
> (Allow, 'g:editor', 'edit'),
> (Allow, 'g:admin', ALL_PERMISSIONS),
> ]
>
> def __init__(self, request):
> self.request = request
>
> def groupfinder(userid, request):
> #print userid, it prints the email address *[email protected]* correctly
> user = USERS.get(userid)
> if user:
> return ['g:%s' % g for g in user.groups]
>
> Other views with permission are not accessible as well.
> I have no clue why it is failing as browser stored the auth_tkt cookies.
> Did I miss something crucial somewhere?
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups
> "pylons-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at http://groups.google.com/group/pylons-discuss.
> For more options, visit https://groups.google.com/groups/opt_out.
>
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/groups/opt_out.
