Tuesday, January 31, 2012

Re: Help using index view to render registration form from registration app

On Tue, 31 Jan 2012 20:33:56 +0000, Jenna Pullen
<pullenjenna10@gmail.com> wrote:

>Hi Dennis,
>
>thanks for the reply. The index / root of my site will contain the
>registration page for new users to sign up and contain a login page
>for people who are already registered to log in. so yes i would want
>this functionality on the default page and not have to redirect to a
>specific registration url for member to register.
>

I still have the impression you are putting the cart before the
horse.

Let me make a few assumptions about the typical web site, and see
what implications I can infer:

* your site will have multiple subpages with different content per
page.

* all content pages require a viewer to be "logged in" (have a valid
session cookie, or whatever the authentication scheme uses)

* session cookies have some expiration time

* users (who are out of your control) can bookmark any subpage URL in
order to return to that page quickly, bypassing any site navigation

implies
=> ANY page URL might be requested by someone who does not have a
current/valid authentication session cookie

This means that handlers for all "normal" content pages must include
the ability to redirect non-authenticated users to a "log in" page; and
to be friendly, after a valid log-in, that page should return them to
the URL they initially requested and not some top-level of your site.

Since all pages need to handle this action, making the root of the
web site a log-in/registration page is somewhat futile (besides which,
if a user WITH a session cookie reenters your root URL, your "log in"
page is going to have to detect that cookie and redirect to some other
top-level page).

Also note that my prior response never said that your page would
redirect to a registration page. Rather it was that the log-in page
would have a button or link /to/ a registration page for new users.
Otherwise you end up with a log-in page handler that has to
differentiate between a log-in and a registration.

#pseudo-code
sessionkey = None
if username and password:
if validate(username, password):
sessionkey = newcookie()
else:
#INVALID LOGIN
else:
if allregistrationdatasupplied(*args):
if noconflict(newusername):
addnewusertodatabase(*args):
sessionkey = newcookie()
else:
#USER NAME ALREADY IN USE
else:
#MISSING REGISTRATION DATA

if sessionkey:
#return top-level page and session cookie
else:
#redisplay log-in/registration page with added error message
--
Wulfraed Dennis Lee Bieber AF6VN
wlfraed@ix.netcom.com HTTP://wlfraed.home.netcom.com/

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

No comments:

Post a Comment