I'm using Apache + mod_wsgi....
Here is my problem. I have an admin area to my website that is only
available if 'logged_in' is set to True. Everything works semi-ok.
The admin access area is restricted until the user logs in, but this
is where things get buggy. Once the user logs into the admin section
the links are available for a few clicks, then it redirects back to
the login page. Once the user logs in, I want them to be able to
access the admin links until they either log out or close their
browser. I think I'm having some sort of Session issue. Here is my
code....
app = web.application(urls, globals(), autoreload=False)
curdir = os.path.dirname(__file__)
session = web.session.Session(app,
web.session.DiskStore(os.path.join(curdir + '/' + 'sessions')),
initializer={'logged_in': False})
application = app.wsgifunc()
....debug is set to false
When user log in is verified, I set 'logged_in' to False.
if f.validates() & auth:
session.logged_in = True
return web.seeother('/admin')
Finally, I'm using a decorator class to verify that a user is logged
in.
class AdminVerifier(object):
def __init__(self, f):
self.f = f
def __call__(self, *args):
"""If the user is logged in, the GET function of the calling
class
is returned. If the user is not logged, they are
redirect to the login page."""
if session.get('logged_in') is False:
raise web.seeother('/login')
else:
return self.f(self, *args)
My way of doing seems to work temporarily, but after navigating the
admin page for a few links, the user is redirected to the login page
and denied access to the admin page.
I'm new to web development and web.py, so any input would be gladly
welcomed.
Thanks for your time!
-Brent Lingle
blin...@mail.usf.edu
--
You received this message because you are subscribed to the Google Groups
"web.py" group.
To post to this group, send email to webpy@googlegroups.com.
To unsubscribe from this group, send email to
webpy+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/webpy?hl=en.
