Comments (5)
I have a pull request almost ready, but have some difficulties with the tests.
from bottle-cork.
The library exposes successful actions and errors to the developer (using exceptions). Developers can then implementing their logging as preferred.
The reason for not logging directly from the library is flexibility. (e.g. choosing what to log and how, how much detail to provide, i18n...)
from bottle-cork.
Thanks for the response.
It looks like login
and logout
do expose success or failure only via http redirection, which is a bit cumbersome to use (one as to define a special redirection target only for logging purpose).
The reason of failure (as expressed by exception) are lost. And the name of the user who did the logout is also lost when it succeed (so the application has to track it outside of the session to log it).
I understand the concerns of logging flexibility, however a basic logging of success/failure for login/logout/passwd change with no i18n would looks sufficient for basic auditing needs (which is a needed feature for all authentication applications).
Also, using a logger with a configuration file would allow developer to disable such logging if needed.
Please tell me if I've missed something about logging login/logout and so one on the application side, and if you want me to finalize a PR or not.
from bottle-cork.
On login
, success_redirect and fail_redirect are optional. When set to None, login will throw exceptions. Generally speaking, all functions are meant to throw meaningful exceptions to let developers handle them before returning errors to the user.
from bottle-cork.
Of course you're right (and i feel dumb) !
Sorry for not having seen it before… and thanks a lot for your help.
from bottle-cork.
Related Issues (20)
- Doco links to dead-ish downloads page on Github
- Best way to add more user fields to user profile? HOT 1
- Registration email fails if TEMPLATE_PATH is not /views/ HOT 2
- Login timeout too short HOT 1
- make doc error HOT 1
- Subclassing User HOT 2
- Security issue? problematic defaults for hashlib.pbkdf2_hmac HOT 1
- Registration does not check pending_registrations collection for existence of the user name HOT 4
- http://cork.firelet.net/ is down HOT 1
- pip update? HOT 1
- Documentation website is down HOT 1
- mongo backend doesn't work with mongdb 3.4
- Email Not Sent - Auth Error HOT 6
- TypeError @ _setup_cookie when signing/logging in HOT 1
- Docs not accessible
- Question ? Cork without beaker
- There's an error when installing
- Sqlite code leads to SQL injection vulnerability
- Failed to install: dependency issue with pycrypto
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bottle-cork.