Many applications are surprisingly easy to create in Zope. This article will teach you how to create a simple user database using Zope objects for data storage.
We'll first create the Zope Page Template containing the login form. The page will also need to check whether the user has already submitted data. This will be done using a Script ( Python ) object –- the same object which will be responsible for creating the accounts of users.
Create a file named register_html and insert the following code into it:
The file first defines a variable named "regStatus" with a value based upon the result of a file named register. If the file returns a non-zero value, the value is displayed. If it doesn't, the registration form is displayed.
Before we create the register file, we need to create an external method. Since Zope forbids Script ( Python ) objects from using the "md5" module to hash data such as user passwords, we need to create a separate script to do this for us. External methods can contain any code. Fortunately, external methods are a breeze to create and use. In your Zope instance's folder ( not the document root ), there should be a folder called Extensions. In this folder, create a file named hash.py with this as its contents:
import md5
def hash ( text ): password = md5.new() password.update ( text ) password = password.hexdigest() return password
This will use the "md5" module to hash data given to it.
Next, create an External Method object in the same directory as our registration page.
We're now ready to move on. First, create a Folder object called users. This will store user data. Next, create a Script ( Python ) object named register. Add the following data to it:
if context.REQUEST.has_key ( 'username' ) and context.REQUEST.has_key ( 'password' ) and context.REQUEST.has_key ( 'email' ): if hasattr ( container.users, context.REQUEST.username ): return 'Sorry, someone else has registered with your username.' password = container.hash ( context.REQUEST.password ) container.users.manage_addProduct [ 'OFSP' ].manage_addFile ( context.REQUEST.username ) userObject = getattr ( container.users,context.REQUEST.username ) userObject.manage_addProperty ( 'password', password, 'string' ) userObject.manage_addProperty ( 'email', context.REQUEST.email, 'string' ) return 'Your account has been created.' return False
The script first checks to see if the user has filled in the required values. If the user hasn't, the script returns "False" and ends execution. It then checks to see if the username has been taken. If it has, it returns a message saying so and ends execution. Finally, if everything has gone right, it sends the hash object the user's password. The hash object hashes the user's password and returns it. The script then adds a File object with the user's username as its filename. A property called password is added to the File object containing the user's password. An property for the user's email is also added. The script then returns a success message.
The registration system is now complete. If you have followed the article correctly, you can now test it out.
