我有一个 web.py 应用程序,我在本地通过 mod_wsgi 运行(http://localhost/...)。我已经开始向我的应用程序添加身份验证,并希望使用 web.py 的内置模块。我从这里找到的一个简短示例开始:http://log。 liminastudio.com/programming/howto-use-openid-with-web-py
import web, web.webopenid
urls = (
r'/openid', 'web.webopenid.host',
r'/', 'Index'
)
app = web.application(urls, globals())
class Index:
def GET(self):
body = '''
<html><head><title>Web.py OpenID Test</title></head>
<body>
%s
</body>
</html>
''' % (web.webopenid.form('/openid'))
return body
if __name__ == "__main__": app.run()
这在终端中运行得很好,并转到 http://c-farrell.blogspot.com /2010/11/usrbinenv-pythonimport-webfrom-web.html 采用了类似的技术,但对我来说更有意义。
#!/usr/bin/env python
import web
from web import webopenid
urls = (
'/', 'index',
'/openid', 'webopenid.host',
)
... more code ...
class index:
def GET(self):
oid = webopenid.status()
if not oid:
return 'please log in: ' + \
webopenid.form('/openid')
else:
return 'you are logged in as:' + \
webopenid.form('/openid')
这就是我有点迷失的地方。据我所知,传递给 form 的参数是登录后的返回 URL。例如,如果我输入“http://www.yahoo.com/”,它将带我到那里每次登录尝试。我觉得这应该指向我自己的控制器并检查那里,但约定似乎是使用 web.webopenid.host 控制器,我猜它处理 id 并返回到基本的“/”url。我想我已经到达那里了,但返回的状态始终是None。
根据我当时收集的信息,这要么是代码问题,要么是我的 apache 配置中的某些内容导致身份验证无法正常工作。在 web.webopenid 中,该库在与 Web 服务器相同的目录中创建一个 .openid_secret_key 文件。当我运行示例代码时,就会创建它。当我通过 apache 运行我的代码时,它不会(至少不会在 cgi-bin 中。其他地方?)无论如何,如果每次都没有生成或重新生成该文件,它将阻止我登录。我相信这是一个 apache 问题,因为我尝试通过 web.py 网络服务器运行我的应用程序,并且我确实创建了文件并且可以进行身份验证。我所能得出的结论是该文件没有被写入,并且每个后续查询都会尝试一个新文件,但我永远无法进行身份验证。任何 apache/mod_wsgi 专家都可以向我解释这个文件是在哪里写入的,或者这是否是实际的问题?
I have a web.py app I'm running through mod_wsgi locally (http://localhost/...). I've gotten to the point of adding authentication to my app and wanted to use web.py's builtin module. I started with a brief example found here: http://log.liminastudio.com/programming/howto-use-openid-with-web-py
import web, web.webopenid
urls = (
r'/openid', 'web.webopenid.host',
r'/', 'Index'
)
app = web.application(urls, globals())
class Index:
def GET(self):
body = '''
<html><head><title>Web.py OpenID Test</title></head>
<body>
%s
</body>
</html>
''' % (web.webopenid.form('/openid'))
return body
if __name__ == "__main__": app.run()
This works well enough running in the terminal and going to http://localhost:8080/. Another example http://c-farrell.blogspot.com/2010/11/usrbinenv-pythonimport-webfrom-web.html does a similar technique but makes more sense to me.
#!/usr/bin/env python
import web
from web import webopenid
urls = (
'/', 'index',
'/openid', 'webopenid.host',
)
... more code ...
class index:
def GET(self):
oid = webopenid.status()
if not oid:
return 'please log in: ' + \
webopenid.form('/openid')
else:
return 'you are logged in as:' + \
webopenid.form('/openid')
Here's where I get a little lost. From what I can tell, the argument passed to form is the return URL after signing in. For example, if I put 'http://www.yahoo.com/' it will take me there after every login attempt. I feel like this should point back to my own controller and just check there, but the convention seems to be to use the web.webopenid.host controller, which I guess handles the id and returns to the base '/' url. I think I'm getting there, but the status returned is always None.
From what I gather then, this is either a code issue, or there's something in my apache configuration that is keeping the authentication from working. In web.webopenid, the library creates a .openid_secret_key file in the same directory as the web server. When I run the example code, this gets created. When I run my code through apache, it does not (at least not in the cgi-bin. Somewhere else?) Anyway, if this file isn't being generated or being regenerated every time, it will keep me from logging in. I believe it's an apache issue as I tried running my app through the web.py webserver and I did get the file created and I can authenticate. All I can conclude is this file isn't being written and every subsequent query tries a new file and I can never authentication. Can any apache/mod_wsgi gurus explain to me where this file is being written or if this is the actual problem?
发布评论
评论(1)
在回答 mod_wsgi 列表上的同一问题时给出了最可能明显的原因。请参阅:
https://groups.google.com/d/msg/modwsgi/iL65jNeY5jA /KgEq33E8548J
它可能是前两者的组合,当前工作目录和 Apache 用户访问权限。
Most likely obvious causes for this were given in answer to same question on mod_wsgi list. See:
https://groups.google.com/d/msg/modwsgi/iL65jNeY5jA/KgEq33E8548J
It is probably a combination of the first two, current working directory and Apache user access rights.