改造repoze.who

最近使用turbogears2.1做项目,tg我观察了两年,现在终于比较稳定了,所以决定尝试用tg来搞新项目,在开发的过程中享受到了各个组件的方便之处,也发现了不足的地方,repoze.who 默认只在cookie里保存了用户的登录信息,没有保存其他的数据,比如groups,permissions,都是每个页面去数据库查,看log的时候心疼啊,于是自己写插件

首先配置tg2使用自定义的who.ini

$ emacs development.ini

添加

[app:main]

who.config_file = %(here)s/who.ini
who.log_level = debug
who.log_file = stdout

编辑middleware.py

$ emacs middleware.py

http://pastie.org/954979

然后在项目的根目录下添加一个 who.ini

编辑以下内容

[plugin:auth_tkt]

# Cookie-based session identification storage

use = repoze.who.plugins.auth_tkt:make_plugin

secret = 'this secret is not really very SECRET!'

[plugin:friendlyform]

# Redirecting form which does login via a "post"

# from a regular /login form

use = repoze.who.plugins.friendlyform:FriendlyFormPlugin

login_form_url= / signin

login_handler_path = /login_handler

logout_handler_path = /logout_handler

rememberer_name = auth_tkt

post_login_url =

post_logout_url =

[plugin:sqlauth]

# An SQLAlchemy authorization plugin

use = bjnozpw.lib.auth:auth_plugin

# Now the configuration starts wiring together the pieces

[general]

request_classifier = repoze.who.classifiers:default_request_classifier

challenge_decider = repoze.who.classifiers:default_challenge_decider

[identifiers]

# We can decide who the user is trying to identify as using either

# a fresh form-post, or the session identifier cookie

plugins =

    friendlyform;browser

    auth_tkt

[authenticators]

plugins =

    sqlauth

[challengers]

plugins =

    friendlyform;browser

[mdproviders]

# Metadata providers are the things that actually look up a user's credentials

# here we have a plugin that provides "user" information (md_plugin) and another,

# which acts as an adapter to the first, to provide group/permission information.

plugins =

    bjnozpw.lib.auth:md_plugin

    bjnozpw.lib.auth:md_group_plugin

然后来重写repoze的plugin

$ emacs bjnozpw/lib/auth.py

代码太长先贴到pastie里

http://pastie.org/954905