[英]How can I do authkit authentication with Cookies and/or a GET/POST param?
I am building an application and I would like to try and use authkit for authentication and authorization. 我正在构建一个应用程序,我想尝试使用authkit进行身份验证和授权。 However, I know that I will be using swfupload and will not be able to rely on the auth cookie being passed through Flash. 但是,我知道我将使用swfupload,并且将不能依赖通过Flash传递的auth cookie。 In the past I have rolled my own cookie/auth solution from the ground up but I would love to avoid doing that this time. 过去,我从头开始构建自己的cookie / auth解决方案,但这次我希望避免这样做。
Is there a way to configuration authkit.authenticate.cookie
to fallback to a POST
or GET
param if the cookie is not found? 如果找不到cookie,是否可以将authkit.authenticate.cookie
配置为回authkit.authenticate.cookie
POST
或GET
参数? Or is there an easy method to add this functionality on top of the form, cookie
or redirect, cookie
methods? 还是有一种简单的方法可以在form, cookie
或redirect, cookie
方法的基础上添加此功能?
I came across this same problem just today. 就在今天,我遇到了同样的问题。 The most common solution people seem to be using is to inject the Authkit cookie values back into the request's cookies from a POST var, which is added to the request by the swfupload cookies plugin . 人们似乎最常用的解决方案是将POST变量中的Authkit cookie值注入回请求的cookie中,该变量由swfupload cookies插件添加到请求中。 There are some recipes out there for doing this, but I couldn't find one for Pylons. 有一些食谱可以做到这一点,但我找不到Pylons的食谱。
I've thrown together this little piece of middleware which seems to do the job. 我把这个小小的中间件拼凑在一起,看起来很不错。
from webob import Request
class AuthkitCookieFromPost(object):
"""Injects authkit cookie value from swfupload cookies plugin"""
def __init__(self, app):
self.app = app
def __call__(self, environ, start_response):
request = Request(environ)
authkit_token = request.POST.get('authkit')
cookies = environ.get('HTTP_COOKIE')
if authkit_token and not cookies:
environ['HTTP_COOKIE'] = "authkit=" + authkit_token
return self.app(environ, start_response)
You need to include this in your middleware config so that it's called before Authkit, ie. 您需要将此包含在中间件配置中,以便在Authkit之前调用它,即。 below it in the conf. 在conf下面。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.