[Sputnik-list] Sputnik Login Security
Yuri Takhteyev
yuri at sims.berkeley.edu
Mon Apr 7 01:34:02 GMT+2 2008
> Could someone please update me with the current mechanisms Sputnik has
> to autenticate a Login ?
> Is (secure) authenticated login already included in the default (fresh
> installation) behavior ? If not, is there a small-tutorial on how to do this
> ?
This is not supported out of the box at this point (not even in the git
repository) but it can be added easily and Jim was working on something
along those lines. Sputnik uses pluggable modules to do authentication.
You can see the default one at:
http://gitorious.org/projects/sputnik/repos/mainline/blobs/master/sputnik/lua/sputnik/auth/simple.lua
You can write a replacement for it that uses some other source of
authentication. E.g., authenticating against an existing database of users
would be quite trivial: you will just need to write your "authenticate"
method to check against your database and not create new user accounts
automatically.
Jim was also suggesting replacing this with a fancier system that would
allow for confirmation by email, etc. Not sure where this is at.
Is it possible to control page access based on "groups" of users ? (ex:
> login access would be required only for parts of the site, while a sub-set
> of it would be public)
Yes, theoretically. Practically, several people (André, Jim) have pointed
out that the current system is a little too complicated, so we are thinking
of replacing it. So, it might not be a good time for writing a tutorial -
the whole authentication/permission thing is likely to change soon.
I am ready to help writing a small tutorial on this, once I learn how to
> do it. The doc would be in portuguese and with some revision help I could
> release an english version too.
It might be a little too early for this. Other parts of Sputnik are more
stable, though, and may benefit from documentation efforts. :)
- yuri
--
http://sputnik.freewisdom.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.luaforge.net/pipermail/sputnik-list/attachments/20080406/6968ca50/attachment.htm
More information about the Sputnik-list
mailing list