Chapter 22.4. Summary
The TurboGears Identity module makes it easy to add authentication/authorization logic to your project.
You can modify the identity classes in model.py to add new features; however you shouldn’t remove columns or you could break your identity code.
Identity provides mechanisms to restrict access to particular controller methods via the @require decorator.
You can use SecureResource to restrict access to an entire class (and therefore an entire web directory).
You can use Identity checks from within your Kid templates, to custom generate pages based on user permissions.
TurboGears makes escaping text that goes into your HTML the default, so you have to do a little bit of work to write code that could expose a cross site scripting ...
Get Rapid Web Applications with TurboGears: Using Python to Create Ajax-Powered Sites now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.