CherryPy自定义工具,用于用户身份验证 [英] CherryPy Custom Tool for user authentication
问题描述
我试图在我的CherryPy控制器类中设置一种简单的装饰方法,以便如果用户尚未通过身份验证,则将其重定向到登录页面.我打算做一个基本的Python装饰器,但此处的答案建议我请改用CherryPy自定义工具.因此,我正在尝试这样做,但是我无法使其正常工作.这就是我所拥有的:
I'm trying to set up a simple way of decorating methods in my CherryPy controller classes so that a user is redirected to the login page if they haven't authenticated yet. I was going to do a basic Python decorator, but an answer here suggested I use a CherryPy Custom Tool instead. So I'm trying to do that, but I can't get it to work. Here's what I have:
def authenticate():
user = cherrypy.session.get('user', None)
if not user:
raise cherrypy.HTTPRedirect('/?errMsg=Please%20log%20in%20first')
cherrypy.tools.authenticate = cherrypy.Tool('on_start_resource', authenticate)
/home
页面是应仅限于经过身份验证的用户的页面,所以我有以下内容:
The /home
page is a page that should be restricted to authenticated users, so I have this:
@cherrypy.expose
@cherrypy.tools.authenticate
def home(self, **kwargs):
tmpl = TemplateDir.get_template('home.mako')
return tmpl.render()
但是,当我尝试启动我的网站时出现此错误:
However, I get this error when I try to start my web site:
Traceback (most recent call last):
File ".\example.py", line 3, in <module>
from controller.main import Root
File "C:\...\controller\main.py", line 9, in <module>
class Root(BaseModule):
File "C:\...\controller\main.py", line 19, in Root
@cherrypy.tools.authenticate
File "C:\Python26\lib\site-packages\cherrypy\_cptools.py", line 119, in
__call__ % self._name)
TypeError: The 'authenticate' Tool does not accept positional arguments; you must
use keyword arguments.
好的,如果我将自定义工具的使用方式更改为带有括号,则会出现另一个错误.
okay, if I change my use of the custom tool to have parentheses, I get a different error.
@cherrypy.expose
@cherrypy.tools.authenticate() # Magic parentheses...
def home(self, **kwargs):
...
现在我得到了:
Traceback (most recent call last):
File "C:\Python26\lib\site-packages\cherrypy\_cprequest.py", line 625, in respond
self.hooks.run('on_start_resource')
File "C:\Python26\lib\site-packages\cherrypy\_cprequest.py", line 97, in run
hook()
File "C:\Python26\lib\site-packages\cherrypy\_cprequest.py", line 57, in __call__
return self.callback(**self.kwargs)
File ".\example.py", line 40, in authenticate
user = cherrypy.session.get('user', None)
AttributeError: 'module' object has no attribute 'session'
我的会话已打开:
cherrypy.tools.sessions.storage_type = 'file'
cherrypy.tools.sessions.storage_path = r'%s\sessions' % curDir
cherrypy.tools.sessions.timeout = 60
cherrypy.tree.mount(Root(), "/", config={
'/static': {
'tools.staticdir.on':True,
'tools.staticdir.dir':r'%s\static' % curDir,
},
'/': {
'tools.sessions.on':True,
}
})
当我第一次在Web方法上使用自定义工具装饰器加载页面时,出现此错误:
When I first load the page with my custom tool decorator on the web method, I get this error:
AttributeError:模块"对象没有属性会话"
AttributeError: 'module' object has no attribute 'session'
然后,当我重新加载页面时,出现此错误:
Then when I reload the page, I get this error:
AttributeError:'_Serving'对象没有属性'session'
AttributeError: '_Serving' object has no attribute 'session'
编辑:即使在我的控制器类中进行了很多尝试,我仍然收到模块对象没有属性会话"错误:
even trying this much in my controller class, I still get the 'module object has no attribute session' error:
class Root(BaseModule):
_cp_config = {'tools.sessions.on': True}
sess = cherrypy.session # Error here
...
推荐答案
我使用了错误的钩子.更改:
I was using the wrong hook. Changing:
cherrypy.tools.authenticate = cherrypy.Tool('on_start_resource', authenticate)
收件人:
cherrypy.tools.authenticate = cherrypy.Tool('before_handler', authenticate)
解决了问题.显然,我的authenticate
方法是在打开会话之前被调用的,因此它无法访问cherrypy.session
.我的控制器中不需要任何会话开启功能.所有必要的操作就是我的服务器启动脚本中的以下内容:
Fixed the problem. Apparently my authenticate
method was getting called before sessions had been turned on, so it couldn't access cherrypy.session
. I didn't need any session-turn-on stuff in my controllers; all that was necessary was the following in my server-start script:
def authenticate():
...
cherrypy.tools.authenticate = cherrypy.Tool('before_handler', authenticate)
cherrypy.tree.mount(Root(), "/", config={
"/": {
'tools.sessions.on':True,
'tools.sessions.storage_type':'file',
'tools.sessions.storage_path':r'%s\sessions' % curDir,
'tools.sessions.timeout':60
}, ...
})
然后,在我的控制器中使用受限方法:
Then, in my controller on a restricted method:
@cherrypy.expose
@cherrypy.tools.authenticate()
def home(self, **kwargs):
...
这篇关于CherryPy自定义工具,用于用户身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!