diff options
| author | Patricio Paez <pp@pp.com.mx> | 2012-04-08 09:13:06 -0500 |
|---|---|---|
| committer | Patricio Paez <pp@pp.com.mx> | 2012-04-08 09:13:06 -0500 |
| commit | fad5003b4f0cba6217c23e2f3aa40bf7cb4f8200 (patch) | |
| tree | 7c8484bd7c9c4f82106a579df55f0101b291e3cc /docs/tutorials/wiki2/authorization.rst | |
| parent | c226b1ae080aa7d19c47626b07fe6d8ef6bbba9e (diff) | |
| download | pyramid-fad5003b4f0cba6217c23e2f3aa40bf7cb4f8200.tar.gz pyramid-fad5003b4f0cba6217c23e2f3aa40bf7cb4f8200.tar.bz2 pyramid-fad5003b4f0cba6217c23e2f3aa40bf7cb4f8200.zip | |
Normalize Authorization in both tutorials 4
- Sync content of Add login and logout views,
Add the login.pt template, Return a logged_in
flag, Add a logout link sections
- Normalize sections of views.py
Diffstat (limited to 'docs/tutorials/wiki2/authorization.rst')
| -rw-r--r-- | docs/tutorials/wiki2/authorization.rst | 39 |
1 files changed, 21 insertions, 18 deletions
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst index 0bf50f674..0294f8690 100644 --- a/docs/tutorials/wiki2/authorization.rst +++ b/docs/tutorials/wiki2/authorization.rst @@ -213,8 +213,8 @@ routes: Add Login and Logout Views ~~~~~~~~~~~~~~~~~~~~~~~~~~ -To our ``views.py`` we'll add a ``login`` view callable which renders a login -form and processes the post from the login form, checking credentials. +We'll add a ``login`` view which renders a login form and processes +the post from the login form, checking credentials. We'll also add a ``logout`` view callable to our application and provide a link to it. This view will clear the credentials of the @@ -240,24 +240,27 @@ expire an auth ticket cookie. Now add the ``login`` and ``logout`` views: .. literalinclude:: src/authorization/tutorial/views.py - :lines: 89-121 + :lines: 91-123 :linenos: :language: python -``login()`` is decorated with two decorators, a -``@view_config`` decorator, which associates it with the ``login`` -route and makes it visible when we visit ``/login``, -and a ``@forbidden_view_config`` decorator which turns it into -an :term:`forbidden view`. The forbidden view is -displayed whenever Pyramid or your application raises an -:class:`pyramid.httpexceptions.HTTPForbidden` exception. In this -case we'll show the login form whenever someone attempts -to execute an action which they're not yet -authorized to perform. +``login()`` is decorated with two decorators: + +- a ``@view_config`` decorator which associates it with the + ``login`` route and makes it visible when we visit ``/login``, +- a ``@forbidden_view_config`` decorator which turns it into + an :term:`forbidden view`. ``login()`` will be invoked + when a users tries to execute a view callable that + they are not allowed to. For example, if a user has not logged in + and tries to add or edit a Wiki page, he will be shown the + login form before being allowed to continue on. + +The order of these two :term:`view configuration` decorators +is unimportant. ``logout()`` is decorated with a ``@view_config`` decorator -which associates it with the ``logout`` route. This makes it match when we -visit ``/logout``. +which associates it with the ``logout`` route. It will be +invoked when we visit ``/logout``. Add the ``login.pt`` Template ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -291,12 +294,12 @@ like this: .. code-block:: python :linenos: - :emphasize-lines: 3 + :emphasize-lines: 4 return dict(page = page, content = content, - logged_in = authenticated_userid(request), - edit_url = edit_url) + edit_url = edit_url, + logged_in = authenticated_userid(request)) (Only the highlighted line needs to be added.) |