On Thu, Jan 1, 2009 at 11:30 PM, nbv4 <cp368...@ohio.edu> wrote:
>
> I have a webapp that is accessed by the following urls (among others):
>
> example.com/foobar-page-23
> example.com/preferences
> example.com/barfoo
>
> etc.
>
> When these URL's are access, the page is displayed using data from the
> user who is logged in via request.user.
>
> I also want it so the user can link others via:
>
> example.com/share-34-gHy6GdY/foobar-page-23
> example.com/share-34-gHy6GdY/barfoo
>
> where 34 is the user_id and the stuff after the dash is just 34 ran
> through a sha1-type hash to provide some simple security. This page
> will display data as if request.user is user #34, except of course
> request.user.is_authenticated() will return false, and the widgets for
> changing data will be hidden in the template, and the navigation links
> will not display "preferences" and the link.
May be this works:
class FakeUser(User):
def is_authenticated():
return False
def fakeuser_view_func(request, user_id, ...):
code...
fake_user = FakeUser.object.get(pk=param1)
request.user = fake_user
return real_view(request, ....)
> I'm just wondering whats the best way to go about this? Am I going to
> have to write code into each view that substitutes request.user with
> User(pk=34), or should I make a separate view for the sharing
> functionality that passes a modified 'request' object to the other
> view? How would 'yall django experts go about attacking this one?
I'm no expert, just a django lover. Test before deploy
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
