I am making a website where people can create and maintain "widgets." It's not important what widgets are, just that you can create them, and you can edit them, by a web interface.
I am open to other ways of doing this, but basically, I need something where the front page looks like this: WIDGET NAME: [ ] WIDGET PASSWORD: [ ] You enter the name of your widget where it says "name," and you enter the password where it says "password." Suppose the name is "foo," and the password is "bar." If you enter "foo" and "bar," you should find yourself on a page for widget "foo," perhaps: http://example.net/widget/foo/ ...and be free to make edits. Now, how do you model this? I put a form which would POST "foo" and "bar", and indeed get to the widget editing page. But the problem I see is: * I have to keep passing around "foo" and "bar" with every call. * "foo" and "bar" keep showing up in the GET line for redirects. This is very insecure, since a person might bookmark a page, share it, and they will very well likely end up with the password in their URL. It's also irritating, because every single edit has to include a bunch of code about passwords. Are there any preferred or established ways of doing this in TurboGears? I'm at a total loss about what to do. I have investigated manuals, mailing lists, IRC, web pages, all sorts of things, and have not found a good solution. You would think that this thing would be commonly needed. In fact, there is a trac ticket: http://trac.turbogears.org/turbogears/ticket/11 Is there a solution for me, beyond "wait for 0.9 or 1.0 to be released?" I don't think I can afford to wait; I feel like I'll lose momentum in my project, if that's the case.
