We currently ship with an LDAP-based authentication approach wherein plugins can use the @all_renderable class decorator and specify that its methods are "restricted". HTTP requests made to a restricted resource check whether the user is logged in and redirects them to /login if they aren't, e.g.
@all_renderable(restricted=True)
class Root(object):
...
We want authentication to be pluggable, so that a plugin could register its own named authentication approach. So instead of saying restricted=True we can instead say restricted='ragnarauth' and instead of being redirected to the default section, we'd be redirected to whatever login form was defined.
EliAndrewC
commented
8 years ago
We currently ship with an LDAP-based authentication approach wherein plugins can use the
@all_renderableclass decorator and specify that its methods are "restricted". HTTP requests made to a restricted resource check whether the user is logged in and redirects them to/loginif they aren't, e.g.We want authentication to be pluggable, so that a plugin could register its own named authentication approach. So instead of saying
restricted=Truewe can instead sayrestricted='ragnarauth'and instead of being redirected to the default section, we'd be redirected to whatever login form was defined.