On 2005/09/22 15:57, Eli Marmor <[EMAIL PROTECTED]> wrote:
> Sorry for being not enough clear: I didn't speak about HTTP
> authentication, and even not about a library doing the authentication
> for you. All I spoke was about some convenient routines that may save
> 80% of the work for people who implement cookies-based or session-based
> authentication.
I had understood well what you wanted.
> The username and the password are received from the user by a POST
> request, optionally encrypted (by SSL, or by JavaScript, etc.). From
> now on, the programmer "marks" the session, so following requests will
> be identified as coming from this specific user. This can be done in
> two ways: by setting a unique cookie (usually temporary), or by adding
> a unique hidden "&arg=val" to following requests/responses
> ("sessionization").
That's already a lot of assumptions you're making about the
authentication process, which a generic library like libapreq should
not know of.
Why do you want to add that to libapreq, instead of an add-on library?
An additional library can do the same job in saving this 80% of
people's work you spoke of. Note: we agree that there is a demand for
such a library / module, and that using libapreq makes sense.
Max
