Home arrow Zope arrow Page 3 - Flat User Management in Zope

Login - Zope

Many applications are surprisingly easy to create in Zope. This article will teach you how to create a simple user database using Zope objects for data storage.

  1. Flat User Management in Zope
  2. Registration
  3. Login
  4. Verification
By: Peyton McCullough
Rating: starstarstarstarstar / 9
February 07, 2005

print this article



We now need to create a login system that allows the user to login with his or her username and password. Create a Zope Page Template object named login_html. The login_html object is almost identical to the register_html object in the previous section:

   <body tal:define='logStatus container/login'>
      <span tal:condition='logStatus'>
         <span tal:replace='logStatus'></span>
      <span tal:condition='not:logStatus'>
         <form method='POST'>
            <label>Username:</label><br />
            <input type='text' name='username'><br />
            <label>Password:</label><br />
            <input type='password' name='password'><br />
            <input type='submit' value='Login'>

However, instead of calling the register object, it calls an object named login. Create a Script ( Python ) object called login:

if context.REQUEST.has_key ( 'username' ) and context.REQUEST.has_key ( 'password' ):
   if not hasattr ( container.users, context.REQUEST.username ):
      return 'No such user exists.'
   password = container.hash ( context.REQUEST.password )
   userObject = getattr ( container.users,context.REQUEST.username )
   if password != userObject.password:
      return 'You have specified an incorrect password.'
   context.REQUEST.RESPONSE.setCookie ( 'username', context.REQUEST.username )
   context.REQUEST.RESPONSE.setCookie ( 'password', password )
   return 'You have successfully logged in!'
return False

Like the register object, the login object first checks to see if the user has submitted the appropriate values. If the user hasn't, the script returns "False" and stops execution. This signals the login_html object to display the login form. If the user has supplied the appropriate values, the script checks to see if the username even exists. If the username does not exist, the script returns a message saying so. If the username does exist, the script uses the hash object to, once again, hash the user's password. It then check to see if the supplied password and the stored password match. If they do, it sets one cookie containing the user's username, and another cookie containing the user's hashed password. It then returns a success message.

The login system is now done, and it will work in conjunction with the registration system. Feel free to test both systems out.

>>> More Zope Articles          >>> More By Peyton McCullough

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Creating Zope Products
- Plone Content Types With Archetypes
- Flat User Management in Zope
- Creating Basic Zope Applications
- Getting started with Zope for Linux and Sola...
- ZPT Basics (part 4)
- ZPT Basics (part 3)
- ZPT Basics (part 2)
- ZPT Basics (part 1)
- Exception Handling In DTML
- DTML Basics (part 4)
- DTML Basics (part 3)
- DTML Basics (part 2)
- DTML Basics (part 1)
- Using Zope With Apache

Developer Shed Affiliates


Dev Shed Tutorial Topics: