John (J5) Palmieri wrote:
On Thu, 2008-03-13 at 17:59 -0500, Toshio Kuratomi wrote:J5: Look at how jsonfas is implemented and tell me if that would for ths model.bzr branch bzr://bzr.fedorahosted.org/bzr/python-fedora/python-fedora-devel cd python-fedora-devel/fedora/tg/identity vim jsonfasprovider.py # Take a look at JsonFasIdentity -ToshioIt look promising though I am not totally sure how it works. Let me see if I get this right. At the start of the proxied request (basically just a TG controller in my domain which is called via JSON) I create a JsonFasIdentity and supply it with the user, username and password using the tg.identity object or is that the JsonFasIdentity? It will then set the correct cookies for the next link. I make my next JSON call to a FAS2 enabled resource like Bodhi and Bodhi treats me as if I was logged in? Is this correct? Do I call logout on the JsonFasIdentity object? Can this stand up to being called 10 times per page load for each query I need to make?
This is how jsonfasprovider works: 1) The user visits myfedora and enters a username/password to log in.2) The login request uses jsonfasprovider to authenticate the user against fas. Fas allows the user and sends a cookie back to myfedora. 3) myfedora (still via jsonfasprovider) sets the cookie on the user's browser.
This applies to myfedora because myfedora can use a similar method to send the user's authentication token to Bodhi. You'll inherit from BaseClient similar to what JsonFasIdentity does but targeted at Bodhi's location instead of FAS (Call it BodhiClient, for now).
1) Logged in user accesses myfedora 2) You instantiate a BodhiClient object.3) You set or have BodhiClient set _sessionCookie with the visit_key (available from identity.current.visit_key) 4) You call or have BodhiClient send_request() to retrieve your data. (Remember to specify auth=True since the client needs to retrieve the data for the authenticated user.)
5) Operate on the data.So you are proxying the session cookie that the user sends to you to the actual server that is providing the information.
Description: OpenPGP digital signature