On 8/8/06, Pawel J. Sawicki <[EMAIL PROTECTED]> wrote: > > So my question is the following :) > > Does the new "Multiple Auth Backend" model really make the "middleware > approach" for the http authentication obsolete?
It doesn't make the middleware approach obsolete, though it should. The login function stores an identifier in a session key and that session variable is read by the get_user function (which is called to populate request.user) Sessions rely on cookies however. I'd love to have a flexible, non-cookie dependent way of logging in a user, but it just wasn't a prioriity for me when I wrote the code. Also, I didn't have a clear idea of what it should look like. For practicality, it would be great if you could do http auth via middleware and post your code to the wiki. Another similar use case, which I think people have done, is logging in with another app, or with apache, and checking for the cgi REMOTE_USER var. You might want to search for that. > don't you think that having a http authentication capabilities in > django would be a plus? I think it would be great to have http auth. Especially for private RSS feeds. I don't think http auth middleware will make it into Django's core, but I'd hope that once the multi-auth stuff is fixed, a new version of it would. Joseph --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
