`login` / `logout` functions
Archmonger opened this issue · 6 comments
Current Situation
The login function supplied by Django Channels provides non-persistent access to the Django session due to technical limitations.
To summarize the problem: ReactPy runs off of WebsSockets. Browsers do not allow active WebSocket connections to modify HTTP cookies. Django's authentication design requires HTTP cookies to persist Django login.
Proposed Actions
This might need to be implemented as a use_auth hook.
On a technical level, the following will need to be developed:
- Server Side: Create a HTTP login view that accepts a UUID. This UUID will be attached to a session, which valid for 60 seconds (configurable). Somehow will need to refresh the
scope['session']after a successful authentication. - Client Side: Perform the login/logout via client JavaScript using the upcoming
use_messengerhook. Will likely be an AJAX HTTP POST request.
Blocked on reactive-python/reactpy#1084
Reactpy is a dead project, so how can u do that ?
My co-founder Ryan has largely been MIA for the last year, so I will need to take over development on core soon.
In the next two weeks, I will be finalizing two more features in reactpy-router then shifting my focus to core.
My undying admiration for your commit/ment.
I'm leaning towards releasing a temporary solution to this problem.
In an ideal world, we'd have a login function that can be used within event handlers.
But due to being blocked on the use_messenger PR, I am debating temporarily releasing a login component. When rendered, this login object would perform a login operation.
@component
def example():
...
if needs_login:
return html.div( ... , login(UserObject) )
return html.div( ... )I thought of a way to develop this in a hook-like fashion despite the lack of a use_messenger hook.
This feature will be developed soon.