# HG changeset patch # User paulb # Date 1085932698 0 # Node ID ef8ed7f6e97abd927300a1798fe8dfaaf79b2976 # Parent c617a9e3f55dfb5fdd434b1b7ceeb84b1e86e3b6 [project @ 2004-05-30 15:58:16 by paulb] Moved anonymous user handling back into LoginRedirect which sets the anonymous user cookie. diff -r c617a9e3f55d -r ef8ed7f6e97a examples/Common/Login/__init__.py --- a/examples/Common/Login/__init__.py Sun May 30 15:34:05 2004 +0000 +++ b/examples/Common/Login/__init__.py Sun May 30 15:58:18 2004 +0000 @@ -9,23 +9,16 @@ "A resource providing a login screen." - def __init__(self, authenticator, anonymous_parameter_name=None, anonymous_username="anonymous", use_redirect=1): + def __init__(self, authenticator, use_redirect=1): """ Initialise the resource with an 'authenticator'. - If the optional 'anonymous_parameter_name' is set, clients providing a parameter - of that name in the URL will not be authenticated, but then such clients will not - get a user identity associated with them. The optional 'anonymous_username' is the - username appearing as the identity of anonymous users. - If the optional 'use_redirect' flag is set to 0, a confirmation screen is given instead of redirecting the user back to the original application. """ self.authenticator = authenticator - self.anonymous_parameter_name = anonymous_parameter_name - self.anonymous_username = anonymous_username self.use_redirect = use_redirect def respond(self, trans): 
@@ -44,19 +37,9 @@ else: redirect = "" - # Check for the anonymous parameter, if appropriate. - - if self.anonymous_parameter_name is not None and fields_path.has_key(self.anonymous_parameter_name): - - # Make a special cookie token. + # Check for a submitted login form. - self.authenticator.set_token(trans, self.anonymous_username) - self._redirect(trans, redirect) - return - - # Otherwise, check for a submitted login form. - - elif fields_body.has_key("login"): + if fields_body.has_key("login"): if self.authenticator.authenticate(trans): self._redirect(trans, redirect) diff -r c617a9e3f55d -r ef8ed7f6e97a examples/Common/LoginRedirect/__init__.py --- a/examples/Common/LoginRedirect/__init__.py Sun May 30 15:34:05 2004 +0000 +++ b/examples/Common/LoginRedirect/__init__.py Sun May 30 15:58:18 2004 +0000 @@ -8,15 +8,17 @@ "A resource redirecting to a login URL." - def __init__(self, login_url, app_url, resource, authenticator, anonymous_parameter_name=None): + def __init__(self, login_url, app_url, resource, authenticator, anonymous_parameter_name=None, + anonymous_username="anonymous"): """ Initialise the resource with a 'login_url', an 'app_url' where the 'resource' for the application being protected should be reachable, and an 'authenticator'. If the optional 'anonymous_parameter_name' is set, clients providing a parameter - of that name in the URL will have that parameter sent specially to the login - application. + of that name in the URL will not be authenticated, but then such clients will get + a predefined user identity associated with them, configurable using the optional + 'anonymous_username'. """ self.login_url = login_url 
@@ -24,27 +26,35 @@ self.resource = resource self.authenticator = authenticator self.anonymous_parameter_name = anonymous_parameter_name + self.anonymous_username = anonymous_username def respond(self, trans): + fields_path = trans.get_fields_from_path() + # Check the authentication details with the specified authenticator. if self.authenticator.authenticate(trans): + + # If successful, pass on the transaction. + self.resource.respond(trans) - else: - # Define anonymous mode, if appropriate. + + # Check for the anonymous parameter, if appropriate. - fields_path = trans.get_fields_from_path() + elif self.anonymous_parameter_name is not None and fields_path.has_key(self.anonymous_parameter_name): + + # Make a special cookie token, then pass on the transaction. - if self.anonymous_parameter_name is not None and fields_path.has_key(self.anonymous_parameter_name): - anonymous_parameter = "%s=%s&" % (self.anonymous_parameter_name, fields_path[self.anonymous_parameter_name][0]) - else: - anonymous_parameter = "" + self.authenticator.set_token(trans, self.anonymous_username) + self.resource.respond(trans) + + else: # Redirect to the login URL. - trans.set_header_value("Location", "%s?%sredirect=%s%s" % ( - self.login_url, anonymous_parameter, self.app_url, self._encode(trans.get_path())) + trans.set_header_value("Location", "%s?redirect=%s%s" % ( + self.login_url, self.app_url, self._encode(trans.get_path())) ) trans.set_response_code(307) @@ -88,4 +98,17 @@ else: return 0 + def set_token(self, trans, username): + + "Set an authentication in the 'trans' with the given 'username'." + + trans.set_cookie_value( + self.cookie_name, + get_token(username, self.secret_key) + ) + + # Update the transaction with the user details. + + trans.set_user(username) + # vim: tabstop=4 expandtab shiftwidth=4
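Review bot: In examples/Common/Login/__init__.py, `__init__` removes `anonymous_parameter_name` and `anonymous_username` from the middle of the signature, so a caller that passed the parameter name positionally as the second argument will now have it bound to `use_redirect` with no error raised. A non-empty string is true, so redirects stay enabled and the mistake goes unnoticed. Callers using the keywords fail with a TypeError, which is the safer outcome. The diff touches only the two resource modules, so the call sites are not visible here. Suggest updating the example applications that construct the login resource in the same change and mentioning the signature change in the commit message.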
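Review bot: In the `__init__` docstring of examples/Common/LoginRedirect/__init__.py, the phrase "will not be authenticated, but then such clients will get a predefined user identity" carries over the "but then" from the removed Login docstring, where it introduced a drawback ("will not get a user identity"). Here it reads as a contradiction. Suggest saying directly that such clients bypass the login redirect and are given the `anonymous_username` identity through the authentication cookie, and that the protected `resource` should treat that identity as unprivileged.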
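Review bot: In `respond` of examples/Common/LoginRedirect/__init__.py, the new `elif` branch calls `self.authenticator.set_token(trans, self.anonymous_username)` for any client whose URL carries the anonymous parameter, so the safety of that identity depends on the configured name never matching a real account. With the default `anonymous_username="anonymous"`, nothing in the visible lines prevents the login side from also accepting a user of that name, and the token minted here would then be indistinguishable from that user's. Suggest documenting that the name must be reserved, or having the login authenticator reject it. The branch is only reached after `authenticate(trans)` fails, so a request with a stale or invalid cookie plus the parameter is silently switched to the anonymous identity; a short comment stating that this is intended would help.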
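Review bot: In the `set_token` method added at the end of examples/Common/LoginRedirect/__init__.py, the docstring "Set an authentication in the 'trans' with the given 'username'." is missing a noun (presumably "token") and does not say that the method performs no credential check. It signs whatever `username` it receives with `self.secret_key` and then calls `trans.set_user(username)`. The only caller in this patch passes the fixed `anonymous_username`, so suggest stating in the docstring that callers must pass only server-chosen names and never a value taken from the request. The `trans.set_cookie_value` call passes only the cookie name and value, so it is worth confirming what path and lifetime the resulting cookie gets.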