Comments (8)
I see that you do not use tgauthmetada in app_cfg so the request.identity[user] is fetched by repoze.who.sqlalchemy.
in tg2.3.5 there are no changes related to user itself. maybe sqlalchemy upgrade? I suggest you follow the upgrade guidelines to turn back on the old middlewares and check that it is not something related to repoze.wjo.sqla together with the new sqla app wrapper
from tg2.
Hm, well yes, I did read the upgrade guide and was trying to stick with the old authentication layer for now, so I didn't change anything related to auth in app_cfg
and these are the packages installed:
repoze.what==1.0.9
repoze.what-pylons==1.0
repoze.what-quickstart==1.0.9
repoze.what.plugins.sql==1.0.1
repoze.who==1.0.19
repoze.who-friendlyform==1.0.8
repoze.who-testutil==1.0.1
repoze.who.plugins.sa==1.0.1
What do you mean by turning on the old middlewares?
from tg2.
Btw, I kinda fixed it through this workaround:
diff --git a/sauce/lib/base.py b/sauce/lib/base.py
index 8b8afa7..051cb6e 100644
--- a/sauce/lib/base.py
+++ b/sauce/lib/base.py
@@ -77,7 +77,7 @@ class BaseController(TGController):
request.identity = c.identity = environ.get('repoze.who.identity')
try:
- request.user = request.identity.get('user')
+ request.user = model.DBSession.merge(request.identity.get('user'))
except:
request.user = None
finally:
moschlar/SAUCE@91b5b9b#diff-e12debc3e7ced5534117e1927c17ccdcR80
from tg2.
Sorry, have been a bit confused in my answer :)
What do you mean by turning on the old middlewares?
In TG 2.3.5 most WSGI Middleware (like Transaction Manager) got replace with TurboGears Application Wrappers. This mixed with the old Repoze.who
+ repoze.who.plugins.sa
might lead to unexpected behaviours.
You might want to try to reenable the old behaviour: http://turbogears.readthedocs.org/en/latest/cookbook/upgrading.html#transaction-manager-is-now-an-application-wrapper if that fixes the issue is probably some odd behaviour enabled by the order the metadata retrieval and the transaction happen.
from tg2.
Found the reason for this :)
As suspected the cause is that the transaction manager starts the transaction after the User has been retrieved by repoze.who. Whenever the transaction manager starts a new transaction it expunges all the objects from the session, so your user gets expunged.
This can be solved by changing inside model/__init__.py
:
maker = sessionmaker(autoflush=True, autocommit=False,
extension=ZopeTransactionExtension())
to:
maker = sessionmaker(autoflush=True, autocommit=False,
extension=ZopeTransactionExtension(keep_session=True))
keep_session=False
on TurboGears actually doesn't make much sense as TurboGears itself expunges the objects at the end of the request. It makes sense to me that keep_session=True should be the default in newly quickstarted projects (don't know why currently it isnt't).
Can you try adding the option and let me know if everything works as expected without any side-effect?
from tg2.
Well yes, that seems to be fixing it! ;)
My test suite is currently failing elsewhere, but I highly doubt that it is linked to this issue.
Will maybe have time to fix that tomorrow.
from tg2.
With the occasion of this problem I decided to take the chance to tackle a few problems with the user identity retrieval due to how repoze.who works.
Currently the identity metadata is retrieved by a repoze.who metadata provider, while this was working, has several limits due to being executed outside TurboGears itself. Request is not available, cache is not available, transaction is not available and so on. You are actually working in plain WSGI as that is how repoze.who works.
So I introduced the IdentityApplicationWrapper
which is now in charge of metadata retrieval in place of repoze.who. It doesn't actually require any change in people code if they were already using sa_auth.authmetadata
but the metadata retrieval is now performed inside TurboGears request flow instead of outside.
This has some major benefits, the first is that your issue is automatically solved as the metadata is now retrieved when the transaction is available. The second is that being better integrated with TG itself it is now possible to leverage all the TG features, for example implementing cached authentication got much easier! (From http://turbogears.readthedocs.org/en/latest/cookbook/advanced_caching.html#caching-authentication to just http://turbogears.readthedocs.org/en/development/cookbook/advanced_caching.html#caching-authentication )
And if people face compatibility issues with their application is actually pretty straightforward to go back to old repoze.who
metadataprovider
: http://turbogears.readthedocs.org/en/development/cookbook/upgrading.html#identity-provider
from tg2.
Oh!
Now that I fixed the rest of my test suite, one failure persists:
Sprox setters (http://turbogears.readthedocs.org/en/latest/cookbook/Crud/index.html?highlight=setters#customizing-easycrudrestcontroller) don't work anymore with keep_session=True
. They are simply not setting the value they are supposed to set.
from tg2.
Related Issues (20)
- Using Kajiki & Jinja simultaneously doesn't work HOT 2
- configuration error: no challengers - Documentation for TG2 REST API with Bearer Token Authentication? HOT 1
- vontri gher HOT 2
- In quickstart template /error/document crashes if accessed directly
- Message in ErrorController should not include html tags
- Hooks documentration version 2.4.0 HOT 2
- Issues with @cached(type='memory') and no Accept-Language header HOT 1
- Error: tg.i18n.LanguageError: No translation file found for domain HOT 2
- "TypeError: No object (name: context) has been registered for this thread" when use config.__getitem__ in tgschedule
- kajiki include/import DOCTYPE tag HOT 2
- Python 3: TypeError (no context) which was not present on Python 2 HOT 2
- TurboGears2 and pytest conflict HOT 3
- ErrorPageApplicationWrapper without TraceErrorsMiddleware will mute tracebacks
- Secure attribute for webflash cookie HOT 3
- SQLAlchemy version conflict with TG2.4.3 devtools/SQLAlchemy >=1.4 and zope-sqlalchemy 1.4
- turbogears.org website certificate is expired HOT 1
- Activating Genshi lenient mode in Tg2
- localedir is overrides and not working
- Route/HTTP middleware after method should execute after exception response generate
- Error with objectproxy globals and current versions of mock
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tg2.