Sat, 4 Jan 2014 17:05:28 +0100 Cédric Krier <cedric.kr...@b2ck.com>: >- web_user > The idea of this module is about having a common minimal web user > definition/support. I think such user should be identify by just > their E-mail and that the module should provide a password > authentication. I also think having a way to validate user by > verifying email address is also a common need.
yes, agree. An other common need is IMHO a password reset request, in case the password is lost. At least for verification we will rely on data coming from untrusted environments. To be sure it is not faked/manipulated we could use itsdangerous[1] to sign e.g. the email address with the password and/or another secret as key. [...] > The module should also provide an optional session mechanism where > any web framework could be plugged on. The goal will be to have a > shared via database session across multiple instance. Maybe we can marriage Tryton with beaker[2] whose sessions seem to be supported by flask, django, pylons or pyramid applications. [1] https://pythonhosted.org/itsdangerous [2] http://beaker.readthedocs.org Regards Udo Spallek -- _____________________________ virtual things Preisler & Spallek GbR München - Aachen Windeckstr. 77 81375 München Tel: +49 (89) 710 481 55 Fax: +49 (89) 710 481 56 i...@virtual-things.biz http://www.virtual-things.biz
signature.asc
Description: PGP signature
