Menu
▾
▴
RE: [Spyce-users] session question
|
From: ben r. <ben...@co...> - 2004-03-31 20:19:54
|
Almar,
Since you have some kind of user database, you are likely more interested in
the appropriate userID from that database than you are in the actual autoID
from the session module. I'd recommend ignoring autoID and just use the
session.auto variable to store that userID or perhaps the username itself.
Change the login action to:
===============
loginaction.spy
===============
[[.import name=session args="'session_dir','/tmp', auto=10000"]]
[[\
username = request['username']
password = request['password']
## do database stuff here. validate the password and
## get userID from user database
session.auto = userID
]]
<br><br>
</body></html>
================================
testforsession.spy (include this on every page requiring login)
================================
[[.import name=session args="'session_dir','/tmp', auto=10000"]]
if (not session.auto) or (session.auto==0):
redirect.external(site_root+"login.spy")
else:
userID = session.auto
-Ben Ringold
-----Original Message-----
From: spy...@li...
[mailto:spy...@li...]On Behalf Of Elmar
Bschorrer
Sent: Wednesday, March 31, 2004 12:29 PM
To: spy...@li...
Subject: [Spyce-users] session question
hi,
how can i use session-handling for authentication???
what i have done so far is...:
--------------------------------------------------
form.html - the login form
#########
<html>
Login:
<p>
<form action="loginaction.spy" method="POST">
Name: <input type="text" name="userName"><br>
Password <input type="password" name="password"><br>
<input type="submit">
</form>
</html>
--------------------------------------------------
loginaction.spy - test if user is known to system, here create a session
################ without checking for correct username and password
[[.import name=session args="'session_dir','/tmp', auto=10000"]]
[[\
## create new session and print it
print session.autoID
]]
<br><br>
## submit sessionID as url-param
<a href="test.spy?session=[[=session.autoID]]">link</a>
</body></html>
--------------------------------------------------
testforsession.spy - check if the submitted session id is valid
##################
[[.import name=session args="'session_dir','/tmp', auto=10000"]]
<html><body>
[[\
sessionID = request.get1('session')
print sessionID,"<br>" ##this works fine!
num = session.get(sessionID)
print num
]]
</body></html>
----------------------------------------------------
hmmm, num is "None" - what am i doing wrong??
tia
tom
--
+++ NEU bei GMX und erstmalig in Deutschland: TÜV-geprüfter Virenschutz +++
100% Virenerkennung nach Wildlist. Infos: http://www.gmx.net/virenschutz
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Spyce-users mailing list
Spy...@li...
https://lists.sourceforge.net/lists/listinfo/spyce-users
|