You can just use the session id, call it a token instead of cookie and be happy
On Wed, Apr 27, 2016, 6:53 PM Gergely Polonkai <gergely@polonkai.eu> wrote:
I would create a separate view for this, like /falcon_login/, which could give you a plain text result. But that's totally up to you.--2016-04-27 16:57 GMT+02:00 Larry Martell <larry.martell@gmail.com>:Well, not really. I have managed to invoke my django login screen from
my Qt app, but after I log in, of course my django app comes up.
What I would like is to pass in some parameter to the login screen
(which is easy), and then have my django app detect that and after
successfully or unsuccessfully logging in, return a token or error
code to the Qt app and not bring up the django app. But I'm not sure
how to do that.
On Tue, Apr 26, 2016 at 9:27 AM, Gergely Polonkai <gergely@polonkai.eu> wrote:
>
> That means you have to be able to do it via the API. The other solution is to pop up a web view for these tasks. However, we are moving out from Django field here, as this is getting more and more a falcon/UX-related question.
>
>
> Gergely Polonkai
> about.me/gergely.polonkai
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CACwCsY6eH%3D1A2tQYSgxYVwMmzyRQj1dbkefzqr7XS8Cm1ZOHog%40mail.gmail.com.>
> 2016-04-26 14:19 GMT+02:00 Larry Martell <larry.martell@gmail.com>:
>>
>> I need to support create user, change password, delete user and forgot password.
>>
>> On Tue, Apr 26, 2016 at 7:32 AM, Gergely Polonkai <gergely@polonkai.eu> wrote:
>> >
>> >
>> > That's not a big issue if you really communicate with Django via a web-based API. If the user can't log in, you can simply redirect them to a web page. I don't see the need for user admin functions, though.
>> >
>> >
>> > Gergely Polonkai
>> > about.me/gergely.polonkai
>> >
>> > 2016-04-26 13:10 GMT+02:00 Larry Martell <larry.martell@gmail.com>:
>> >>
>> >> Well, the issue with simply implementing auth, is that we'd need to
>> >> not only implement login, which is easy, but also forgot password, and
>> >> all the user admin functions. Since we have that already with django I
>> >> want to leverage that and not reinvent the wheel.
>> >>
>> >> On Tue, Apr 26, 2016 at 2:29 AM, Gergely Polonkai <gergely@polonkai.eu> wrote:
>> >> > Now I somewhat understand what falcon is, I suggest that you simply
>> >> > implement auth on you web app (it seems to me there is none or little right
>> >> > now. Of course, you don't have to protect all iour views, or you may want to
>> >> > display a different dataset, but that's another topic.
>> >> >
>> >> > When that is done, you have to do two things in your Qt app. First, make
>> >> > sure that when the server says that you are not authorized, pop up a login
>> >> > window. After a successful login, store the user's credentials for later
>> >> > use. What type of authentication to use and what to store is up to your
>> >> > decision: HTTP Basic (store user/password), HTTP session (store the session
>> >> > cookie) or token (store the token) based auths are the most common examples.
>> >> >
>> >> > Best,
>> >> > Gergely
>> >> >
>> >> > On Apr 26, 2016 00:09, "Larry Martell" <larry.martell@gmail.com> wrote:
>> >> >>
>> >> >> The Qt app talks to the server with web requests routed to python code
>> >> >> by falcon. It currently has no authentication/authorization of any
>> >> >> kind. It's not a web app, you can't just navigate to any page, you can
>> >> >> only get to parts of the app the code lets you get to.
>> >> >>
>> >> >> The way I envision it (if possible) is that I would have a decorator
>> >> >> just like @login_required, and if that is called and the user is not
>> >> >> logged in, it would invoke the django login page - just like it works
>> >> >> in django. I think I can do most of this, the part I am unclear on is
>> >> >> how I get control from the django login page back to the Qt app.
>> >> >>
>> >> >> On Mon, Apr 25, 2016 at 5:26 PM, Gergely Polonkai <gergely@polonkai.eu>
>> >> >> wrote:
>> >> >> > Hello,
>> >> >> >
>> >> >> > this all depends on how this Qt app communicates with the other end
>> >> >> > (server
>> >> >> > side). Does it offer *any* kind of authentication/authorization? If so,
>> >> >> > look
>> >> >> > for ways to integrate it with Django. If not, you are screwed anyway
>> >> >> > (from
>> >> >> > security point of view), because even if your app pops up a login
>> >> >> > screen,
>> >> >> > there can (and will) be ways to get around it.
>> >> >> >
>> >> >> > Best,
>> >> >> > Gergely
>> >> >> >
>> >> >> > On Apr 25, 2016 22:37, "Larry Martell" <larry.martell@gmail.com> wrote:
>> >> >> >>
>> >> >> >> We have an existing django app with login, change password, and forgot
>> >> >> >> password functionality.
>> >> >> >>
>> >> >> >> Then we have this other app built with the falcon framework. The
>> >> >> >> client side of that is C++/Qt. That app has no login functionality -
>> >> >> >> you bring it up and you're in. We would like to somehow use the login
>> >> >> >> functionality of the django app in the falcon app. Is that even
>> >> >> >> possible? I was thinking that in the Qt app I could bring up the
>> >> >> >> django login page by invoking the URL for that app. But once they log
>> >> >> >> in, how could I get control back to the Qt app and not have it proceed
>> >> >> >> to the django app?
>> >> >> >>
>> >> >> >> Does this even make any sense? Has anyone ever done anything like this?
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CACczBUL4RwkpBtbU-BPbdvJn%2BF6%3DGuW3MCwUNsfYNQv2PgSnXw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFWa6t%2B-n5rQU5%3DiOXV2zMUfKMfi2Hgjrv73d7njhFoweW_AZg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment