Collection of repoze.who friendly form plugins¶
| Author: | Gustavo Narea. |
|---|---|
| Latest release: | 1.0.6 |
Overview
repoze.who-friendlyform is a repoze.who plugin which provides a collection of developer-friendly form plugins, although for the time being such a collection has only one item.
How to install¶
The minimum requirement is repoze.who, and you can install both with easy_install:
easy_install repoze.who-friendlyform
Available form plugins¶
- class repoze.who.plugins.friendlyform.FriendlyFormPlugin(login_form_url, login_handler_path, post_login_url, logout_handler_path, post_logout_url, rememberer_name, login_counter_name=None, charset='iso-8859-1')¶
RedirectingFormPlugin-like form plugin with more features.
It is like RedirectingFormPlugin, but provides us with the following features:
- Users are not challenged on logout, unless the referrer URL is a private one (but that’s up to the application).
- Developers may define post-login and/or post-logout pages.
- In the login URL, the amount of failed logins is available in the environ. It’s also increased by one on every login try. This counter will allow developers not using a post-login page to handle logins that fail/succeed.
You should keep in mind that if you’re using a post-login or a post-logout page, that page will receive the referrer URL as a query string variable whose name is “came_from”.
Forms can be submitted with any encoding (non-ASCII credentials are supported) and ISO-8859-1 (aka “Latin-1”) is the default one.
- __init__(login_form_url, login_handler_path, post_login_url, logout_handler_path, post_logout_url, rememberer_name, login_counter_name=None, charset='iso-8859-1')¶
Parameters: - login_form_url (str) – The URL/path where the login form is located.
- login_handler_path (str) – The URL/path where the login form is submitted to (where it is processed by this plugin).
- post_login_url (str) – The URL/path where the user should be redirected to after login (even if wrong credentials were provided).
- logout_handler_path (str) – The URL/path where the user is logged out.
- post_logout_url (str) – The URL/path where the user should be redirected to after logout.
- rememberer_name (str) – The name of the repoze.who identifier which acts as rememberer.
- login_counter_name (str) – The name of the query string variable which will represent the login counter.
- charset (str) – The character encoding to be assumed when the user agent does not submit the form with an explicit charset.
The login counter variable’s name will be set to __logins if login_counter_name equals None.
Changed in version 1.0.1: Added the charset argument.
FriendlyFormPlugin examples¶
When you use this plugin, you would implement a controller action for logins, like this one:
# You have to adapt this function to the way things work in your framework:
def login(request):
login_counter = request.environ['repoze.who.logins']
if login_counter > 0:
display_message("Wrong credentials", status="error")
came_from = request.params.get("came_from") or "/"
return render("login.html", login_counter=login_counter, came_from=came_from)
Where the “login.html” template is defined as:
<!-- Adapt this code to your templating engine -->
<form action="/login_handler?came_from={{ came_from }}&__logins={{ login_counter }}"
method="POST">
<label>Username: <input type="text" name="login"/></label>
<label>Password: <input type="password" name="password"/></label>
<input type="submit" value="Login"/>
</form>
Post-login action¶
A controller action for post-logins could look like:
# You have to adapt this function to the way things work in your framework:
def welcome_back(request):
identity = request.environ.get("repoze.who.identity")
came_from = request.params.get('came_from', '') or "/"
if identity:
# Login succeeded
userid = identity['repoze.who.userid']
display_message('Welcome back, %s!' % userid, status="success")
destination = came_from
else:
# Login failed
login_counter = request.environ['repoze.who.logins'] + 1
destination = "/login?came_from=%s&__logins=%s" % (came_from, login_counter)
return Redirect(destination)
Post-logout action¶
A controller action for post-logouts could look like:
# You have to adapt this function to the way things work in your framework:
def see_you_later(request):
display_message("We hope to see you soon!", status="success")
came_from = request.params.get('came_from', '') or "/"
return Redirect(came_from)
Support and development¶
The prefered place to ask questions is the Repoze mailing list or the #repoze IRC channel. Bugs reports and feature requests should be sent to the issue tracker of the Repoze project.
The development mainline is available at the following Subversion repository:
http://svn.repoze.org/whoplugins/whofriendlyforms/trunk/
