> So my newbie question is: Is there a better way to design/
> obfuscate the URL scheme when dealing with sensitive information? I
> know once I get some sort of authentication in place that will help,
> but the idea of showing sensitive info in a URL still has me
> concerned.
The simple answer is "don't put anything sensitive in the URL". In this case, that would mean not exposing things like SSNs in the URL. Since the teacher_id/student_id isn't sensitive, they're fine in the URL. However, you don't want people accessing these URLs if they're not permitted to access them. Enter Django's contrib.auth module. Using Django's built-in "auth" module, it's dead easy to do, and it allows you to decorate your views with "login_required".

For some example code, I'm just guessing at your models, but if one student can have more than one teacher (as is often the case), you'd have an M2M relationship between them. However, if grades are related to this relationship, you'd have to jockey the M2M yourself. I assume models like:

    # models.py
    from django.contrib.auth.models import User
    from django.db import models

    class Teacher(models.Model):
        user = models.ForeignKey(User, on_delete=models.CASCADE)
        # rest of definition

    class Student(models.Model):
        pass  # definition

    class Class(models.Model):  # don't know if this name is bad
        student = models.ForeignKey(Student, related_name='classes',
                                    on_delete=models.CASCADE)
        teacher = models.ForeignKey(Teacher, related_name='classes',
                                    on_delete=models.CASCADE)
        # rest of definition

    class Grades(models.Model):
        # "class" is a Python keyword, so the field needs a different name
        klass = models.ForeignKey(Class, on_delete=models.CASCADE)
        grade = models.CharField(max_length=2)

    # views.py
    from django.contrib.auth.decorators import login_required
    from django.http import Http404
    from django.shortcuts import get_object_or_404

    from .models import Student

    @login_required
    def view_grades(request, student_id):
        # you don't need the teacher's ID in the URL
        # because they're linked to the request.user
        try:
            student_id = int(student_id)
        except (TypeError, ValueError):
            raise Http404
        # the query would then look something like this: scope the
        # queryset to this teacher's own students *before* applying the id.
        # distinct() matters, because a student who sits in two of this
        # teacher's classes would otherwise come back twice and
        # get_object_or_404 would raise MultipleObjectsReturned.
        this_teachers_students = Student.objects.select_related().filter(
            classes__teacher__user=request.user
        ).distinct()
        student = get_object_or_404(this_teachers_students, pk=student_id)
        ...

If the user isn't logged in and tries to request the view, they get redirected to the login form. If the user is logged in but doesn't teach this student, they should get a 404, because for them, this student doesn't exist.
You could customize it and return a more truthful HTTP error such as a 403 (Forbidden), because the object might or might not be found, but either way, they're not permitted to go poking around here.

-tim

You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/django-users?hl=en
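The point of the reply above is that the login decorator only establishes *who* is calling; the authorization comes from scoping the lookup to that caller's own records before the id from the URL is ever applied. The following is an added, stand-alone Python example that is not Tim's code and does not use Django: the User, Student and Enrollment classes, the login_required stand-in, the STUDENTS and ENROLLMENTS tables and the fake SSN values are all constructed here to mirror the models in the post. It places an unscoped "look the student up by id" view beside the scoped one so the difference in what an authenticated but unrelated teacher can read is directly testable.

```python
from dataclasses import dataclass
from functools import wraps


class Http404(Exception):
    """Stand-in for django.http.Http404 (hypothetical, not Django's class)."""


@dataclass(frozen=True)
class User:
    id: int
    is_authenticated: bool = True


@dataclass(frozen=True)
class Student:
    id: int
    name: str
    ssn: str  # the sensitive field that must never appear in a URL


@dataclass(frozen=True)
class Enrollment:
    """One row of the post's Class model: a student taught by a teacher's user id."""
    student_id: int
    teacher_user_id: int


# Constructed sample data standing in for the database tables (fake SSNs).
STUDENTS = {
    1: Student(1, "Alice", "000-00-0001"),
    2: Student(2, "Bob", "000-00-0002"),
}
ENROLLMENTS = [Enrollment(1, 10), Enrollment(2, 20)]  # user 10 teaches Alice, user 20 teaches Bob
ANONYMOUS = User(id=0, is_authenticated=False)
LOGIN_URL = "/accounts/login/"


def login_required(view):
    """Mimics django.contrib.auth.decorators.login_required: an anonymous
    caller is redirected to the login form instead of reaching the view."""
    @wraps(view)
    def wrapper(user, *args):
        if not user.is_authenticated:
            return ("302", LOGIN_URL)
        return view(user, *args)
    return wrapper


def parse_student_id(raw):
    """URL captures arrive as strings; anything that is not an int is a 404."""
    try:
        return int(raw)
    except (TypeError, ValueError):
        raise Http404


def students_taught_by(user):
    """Equivalent of filter(classes__teacher__user=request.user): the set of
    visible students is narrowed to the caller *before* any id is applied."""
    ids = {e.student_id for e in ENROLLMENTS if e.teacher_user_id == user.id}
    return {sid: STUDENTS[sid] for sid in ids}


@login_required
def view_grades_unscoped(user, raw_student_id):
    """Insecure direct object reference: the id is looked up globally, so any
    logged-in user can read any student's record by editing the URL."""
    sid = parse_student_id(raw_student_id)
    if sid not in STUDENTS:
        raise Http404
    return ("200", STUDENTS[sid])


@login_required
def view_grades(user, raw_student_id):
    """The post's pattern: look the id up only inside the caller's own scope,
    so a student this teacher does not teach is indistinguishable from one
    that does not exist."""
    sid = parse_student_id(raw_student_id)
    scoped = students_taught_by(user)
    if sid not in scoped:
        raise Http404
    return ("200", scoped[sid])


def dispatch(view, user, raw_student_id):
    """Minimal request handler: turn the view's outcome into a status tuple."""
    try:
        return view(user, raw_student_id)
    except Http404:
        return ("404", None)
```

dispatch(view_grades, User(10), "2") yields ("404", None), while dispatch(view_grades_unscoped, User(10), "2") hands teacher 10 Bob's whole record, SSN included, even though the decorator did its job for both views. Returning a 403 from the scoped view instead of the 404 would confirm to that same caller that student 2 exists, which is the trade-off behind the "more truthful" remark above.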