diff options
| author | Theron Luhn <theron@luhn.com> | 2020-11-07 11:08:31 -0800 |
|---|---|---|
| committer | Theron Luhn <theron@luhn.com> | 2020-11-07 11:08:31 -0800 |
| commit | 25cdbd76b59119bfe4b0b5b8352dc79acfef01d9 (patch) | |
| tree | bc9f9cbbbfd02149b71138f3313779aba88ee123 /docs/tutorials/wiki2/src | |
| parent | ea0bd6538097d3e8b840bc2f7fdde45227cfefea (diff) | |
| download | pyramid-25cdbd76b59119bfe4b0b5b8352dc79acfef01d9.tar.gz pyramid-25cdbd76b59119bfe4b0b5b8352dc79acfef01d9.tar.bz2 pyramid-25cdbd76b59119bfe4b0b5b8352dc79acfef01d9.zip | |
Remove `request.user` from wiki2 authentication tutorial.
Diffstat (limited to 'docs/tutorials/wiki2/src')
4 files changed, 6 insertions, 8 deletions
diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/security.py b/docs/tutorials/wiki2/src/authentication/tutorial/security.py index a4843f286..e0d8ed965 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/security.py +++ b/docs/tutorials/wiki2/src/authentication/tutorial/security.py @@ -40,5 +40,3 @@ def includeme(config): config.set_default_csrf_options(require_csrf=True) config.set_security_policy(MySecurityPolicy(settings['auth.secret'])) - config.add_request_method( - lambda request: request.identity, 'user', property=True) diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 index 64a1db0c5..5d6a23410 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 +++ b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 @@ -33,13 +33,13 @@ </div> <div class="col-md-10"> <div class="content"> - {% if request.user is none %} + {% if request.identity is none %} <p class="pull-right"> <a href="{{ request.route_url('login') }}">Login</a> </p> {% else %} <form class="pull-right" action="{{ request.route_url('logout') }}" method="post"> - {{request.user.name}} + {{request.identity.name}} <input type="hidden" name="csrf_token" value="{{ get_csrf_token() }}"> <button class="btn btn-link" type="submit">Logout</button> </form> diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py index e1a564415..e66c68a34 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py +++ b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py @@ -53,7 +53,7 @@ def logout(request): @forbidden_view_config(renderer='tutorial:templates/403.jinja2') def forbidden_view(exc, request): - if request.user is None: + if request.identity is None: next_url = request.route_url('login', _query={'next': request.url}) return HTTPSeeOther(location=next_url) diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py b/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py index 378ce0ae9..4fb715737 100644 --- a/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py +++ b/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py @@ -45,7 +45,7 @@ def view_page(request): def edit_page(request): pagename = request.matchdict['pagename'] page = request.dbsession.query(models.Page).filter_by(name=pagename).one() - user = request.user + user = request.identity if user is None or (user.role != 'editor' and page.creator != user): raise HTTPForbidden if request.method == 'POST': @@ -60,7 +60,7 @@ def edit_page(request): @view_config(route_name='add_page', renderer='tutorial:templates/edit.jinja2') def add_page(request): - user = request.user + user = request.identity if user is None or user.role not in ('editor', 'basic'): raise HTTPForbidden pagename = request.matchdict['pagename'] @@ -70,7 +70,7 @@ def add_page(request): if request.method == 'POST': body = request.params['body'] page = models.Page(name=pagename, data=body) - page.creator = request.user + page.creator = request.identity request.dbsession.add(page) next_url = request.route_url('view_page', pagename=pagename) return HTTPSeeOther(location=next_url) |