At 11:21 PM 7/7/2008 +0200, Manlio Perillo wrote:
So this is not a "bad" middleware, IMHO.
True, but it's part of the application, rather than being transparent.
By the way, a middleware that is responsible for user authentication:
http://hg.mperillo.ath.cx/wsgix/file/tip/wsgix/auth/http_middleware.py
is a good middleware?
To keep it simple, the middleware check if there is an authorization
header and the credentials are correct.
If this is true, execute the WSGI application (setting
environ['REMOTE_USER']), otherwise return a forbidden response.
Right - that's transparent middleware: the application doesn't need
to know it's there.
Under WSGI 2.0, it's even easier since you don't need decorators to
manipulate your response: you can just "return someapi(...)" where
the "..." is whatever you were going to return directly.
return someapi() from inside the WSGI application?
Yes.
_______________________________________________
Web-SIG mailing list
Web-SIG@python.org
Web SIG: http://www.python.org/sigs/web-sig
Unsubscribe:
http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
