source: waeup/branches/ulif-namespace/src/sirp/authentication.txt @ 4915

Last change on this file since 4915 was 4789, checked in by uli, 15 years ago

Merge changes from ulif-layout back into trunk (finally).

File size: 2.2 KB
Line 
1WAeUP portal authentication
2***************************
3
4:Test-Layer: functional
5
6We need to protect most pieces of our portals from unauthenticated
7access.
8
9Therefore users have to login to access main functionality and they
10are able to log out afterwards.
11
12Before we can check access we have to create an app:
13
14  >>> from waeup.app import University
15  >>> root = getRootFolder()
16  >>> u = University()
17  >>> root['app'] = u
18
19To make sure, we can 'watch' pages, we first have to initialize our
20test browser:
21
22  >>> from zope.testbrowser.testing import Browser
23  >>> browser = Browser()
24  >>> browser.handleErrors = False
25
26Creating users (principals)
27===========================
28
29Before we can login, we have to provide a user (``principal`` in Zope
30terms) with a password (and optional a title or description):
31
32  >>> root['app']['users'].addUser('bob', 'bobsecret',
33  ...                           title='Bob', description='A sample user')
34
35We can also add complete `Account` objects. An `Account` stores the
36user credentials and some metadata persistently:
37
38  >>> from waeup.authentication import Account
39  >>> alice = Account('alice', 'alicesecret')
40  >>> root['app']['users'].addAccount(alice)
41
42See ``users.txt`` for details about the UserContainer we use here.
43
44
45Logging in via side bar
46=======================
47
48We can access the front page without restrictions:
49
50  >>> browser.open('http://localhost/app')
51  >>> print browser.headers['Status']
52  200 Ok
53
54There is a login form on the front page sidebar:
55
56  >>> 'form.login' in browser.contents
57  True
58
59  >>> 'form.logout' in browser.contents
60  False
61
62We use this form:
63
64  >>> browser.getControl(name='form.login').value = 'bob'
65  >>> browser.getControl(name='form.password').value = 'bobsecret'
66  >>> browser.getControl('Login').click()
67
68Now the login form is gone. Instead we have the opportunity to logout:
69
70  >>> 'form.login' in browser.contents
71  False
72
73  >>> logout = browser.getLink('Logout')
74  >>> logout
75  <Link text='Logout' url='http://localhost/app/@@logout'>
76
77The user title is also displayed in the sidebar:
78
79  >>> 'Bob' in browser.contents
80  True
81
82We can also log out afterwards:
83
84  >>> logout.click()
85
86Now we are logged out again:
87
88  >>> 'form.login' in browser.contents
89  True
Note: See TracBrowser for help on using the repository browser.