Differences between revisions 7 and 8
Revision 7 as of 2009-07-24 13:17:20
Size: 5004
Revision 8 as of 2009-07-24 13:31:17
Size: 5115
Deletions are marked like this. Additions are marked like this.
Line 94: Line 94:
 *[http://www.turbogears.org/2.0/docs/main/Auth/Authentication.html Official Documentation on Authentication]


Not directly via config, no.

Your post pointed me in the right direction. I tried your idea, but
the SessionMiddleware is needed (they call it core middleware  for a
reason). Other code expects it to be there, so it can't be just
removed. Instead, I went one level deeper and modified the
SessionMiddleware itself to NOT set a cookie. I didn't want to modify
the beaker package itself of course (bad practice). I could in theory
subclass the beaker SessionMiddleware and then sublass AppConfig to
add my custom SessionMiddleware, but it becomes a little cumbersome.
So, I ended up just replacing the __call__the method of the original
beaker SessionMiddleware in my AppCfg.py file. The commented lines
bellow are the lines that set the cookie:

### Start code #####
from beaker.middleware import SessionMiddleware
from beaker.session import SessionObject
def custom_session_middleware__call__(self, environ, start_response):
   session = SessionObject(environ, **self.options)
   if environ.get('paste.registry'):
       if environ['paste.registry'].reglist:
           environ['paste.registry'].register(self.session, session)
   environ[self.environ_key] = session
   environ['beaker.get_session'] = self._get_session

   def session_start_response(status, headers, exc_info = None):
       #if session.accessed():
       #    session.persist()
       #    if session.__dict__['_headers']['set_cookie']:
       #        cookie = session.__dict__['_headers']['cookie_out']
       #        if cookie:
       #            headers.append(('Set-cookie', cookie))
       return start_response(status, headers, exc_info)
   return self.wrap_app(environ, session_start_response)

SessionMiddleware.__call__ = custom_session_middleware__call__
### End code #####

mounting test-controllers/getting root-controller instance

Assuming the paster-stuff is bootstrapped through code like

  here_dir = os.path.dirname(os.path.abspath(ableton.__file__))
  conf_dir = os.path.dirname(here_dir)
  wsgiapp = loadapp('config:test.ini', relative_to=conf_dir)

you then can do it simply like this (inside a function/method!!)

  import myproject.controllers.root as root
  root.RootController.mountpoint = TestController()

Then you can access the controller through the usual


Of course mounting of whole controller hierarchies is perfectly fine.

So I create a function in our base-test-class that allows to register a passed
controller for a given mountpoint. Voila, greatness ensues.

retrieve user identity

  • You can get the current logged in identity by grabbing it from the


identity = request.environ.get('repoze.who.identity')
user = identity.user
group_names = identity.groups
  • Lots of folks do something like this in their call method of their


tmpl_context.identity = request.environ.get('repoze.who.identity')
  • In your template you could do the following:

    <li py:if="tg.predicates.has_permission('can_manage_links')"><a href="${tg.url('/links/')}">Postal Links Mgmt</a></li>
    <li py:if="tg.predicates.has_any_permission('can_create_events', 'can_edit_events', 'can_delete_events')">
    <a href="${tg.url('/events/')}">Events Mgmt</a></li>
    <li py:if="tg.predicates.has_permission('can_see_ban_reason')"><a href="${tg.url('/usermgt/')}">User Mgmt</a></li>
  • OR

<span py:if="tg.predicates.in_group('banned')">

login_handler and userid


I am trying to implement post logon url so that the user is directed
to an appropriate page after they log in.  How do I specify which page
the user will get directed to based on their username and password.
The users permissions must be used to determine the proper page


Have a look at the post_login method of RootController. Change the
last few lines to

userid = request.identity['repoze.who.userid']
if came_from.decode() == '/':
   came_from = tg.url(get_userpage(userid))

get_userpage should contain your page access logic and return a url
string based on userid

General Errors

Addition modules required

ImportError: No module named MySQLdb

Fixed with:

easy_install MySQL-python

ToscaWidget conflict

  Installed /home/lek/work/mine/tg2env/lib/python2.6/site-packages/tw.forms-
  error: Installed distribution ToscaWidgets conflicts with requirement ToscaWidgets>=
  • Fixed with:

easy_install -U tw.forms

MyWiki: TurboGears2/faq (last edited 2011-02-02 19:40:03 by LukaszSzybalski)