quick question: I have created a web server using CherryPy. It requires authentication for all pages, so my default handler returns the login page object. Due to the way that CherryPy handles the dispatches, somebody who requests:
localhost:80/a/b/c
would be redirected to:
localhost:80/a/b/login
however, I'd like all unauthenticated requests to be invoked from the root level, independent of the potential additional parameters added in the HTML request, e.G.:
localhost:80/a/b/c --> localhost:80/login
Currently I am solving this by returning a HTML based redirect:
'<meta http-equiv="REFRESH" content="0;url=/login">'
I feel this is a very unclean solution and would rather want to use a CherryPy based solution. I looked at cherrypy.HTTPRedirect and cherrypy.url, but I haven't found a way to make them work for this problem.
Any thoughts?
Thank you!
Answer
You can specify the login page with a redirect: raise cherrypy.HTTPRedirect("/auth/login")
But, take a look here, there is a sample of how to write an authentication routine:
http://tools.cherrypy.org/wiki/AuthenticationAndAccessRestrictions
There is also an example of how to redirect the user back at the requested page after login.