-
-
Notifications
You must be signed in to change notification settings - Fork 793
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Modify expand_login_view to allow for subdomain and host matching for login_view #462
Conversation
…in special case In maxcountryman#462, the requested view arguments were passed to the `login_view` so as to allow for the use of dynamic subdomains in Flask. However, this had the side effect of passing any requested view arguments to the `login_view`. This is unnecessary and may also lead to unanticipated side effects if some arguments inadvertently passed take on special meaning in the `login_view`. Instead, special case dynamic subdomain view arguments only so that they are the only ones passed to `login_view`.
…in special case In maxcountryman#462, the requested view arguments were passed to the `login_view` so as to allow for the use of dynamic subdomains in Flask. However, this had the side effect of passing any requested view arguments to the `login_view`. This is unnecessary and may also lead to unanticipated side effects if some arguments inadvertently passed take on special meaning in the `login_view`. Instead, special case dynamic subdomain view arguments only so that they are the only ones passed to `login_view`.
…in special case In maxcountryman#462, the requested view arguments were passed to the `login_view` so as to allow for the use of dynamic subdomains in Flask. However, this had the side effect of passing any requested view arguments to the `login_view`. This is unnecessary and may also lead to unanticipated side effects if some arguments inadvertently passed take on special meaning in the `login_view`. Instead, special case dynamic subdomain view arguments only so that they are the only ones passed to `login_view`.
…in special case In maxcountryman#462, the requested view arguments were passed to the `login_view` so as to allow for the use of dynamic subdomains in Flask. However, this had the side effect of passing any requested view arguments to the `login_view`. This is unnecessary and may also lead to unanticipated side effects if some arguments inadvertently passed take on special meaning in the `login_view`. Instead, special case dynamic subdomain view arguments only so that they are the only ones passed to `login_view`.
I don't think this should have been merged. For some "global" variables in URL rules, like multi-tennant, locale, etc., you should use This change added all URL values as query args to the login view, not just subdomain and host. #663 addressed that, but had to use an internal Werkzeug API to inspect the URL rule each time (overhead), and was broken when it was removed from Werkzeug. @app.url_value_preprocessor
def store_tennant(endpoint, values):
g.tennant = values.pop("tennant", None)
@app.url_defaults
def set_tennant(endpoint, values):
values.setdefault("tennant", g.tennant) |
Agree. This seems like the wrong approach. We should revert this. |
I'll revert it and release 0.6.2. |
The current implementation will throw the following error when using dynamic subdomain or host matching in Flask:
This change will allow for the following: