Previous  Top  Next

Adding user management

In the web site we have created, anybody can add, edit and remove items. Obviously this is not the expected behaviour in many situations : generally, all visitors will be able to see the records in the base, but only the administrator of the site, and perhaps some selected users, will be able to add, edit and remove records

If the administrator allows selected users to manage the database, he will have to manage the users database, which will store at least the login and password of the users

How do we add these functions to our web site ? Just by adding another line, to specify the security level. Go back to the configuration file (booksConfig.py) and add this third line :

name = "books"
fields = ["title:str","year:int","author:str"]
security = 'standard'

Once you have saved this new version of booksConfig.py, follow the same steps as previously with makeScript.py. The program will ask you to choose the configuration file as before, but it will then ask you to enter a login and a password for the site administrator

Once this is done (you must enter a login, and the password must have at least 6 characters), in your web browser, reload the page http://localhost/instant_site/books.ks

There are two differences with the previous version : the links "Edit" and "Remove" have disappeared, and there is a link called "Login". Click on it and you will be asked to enter a login and a password. At this stage, if you enter any value you like, you will get an error message : no user has been defined so far

So, how do you manage the users base ? In the address bar, replace the end of the url, index, by admin. This will open a dialog box asking you to enter a login and a password

Enter the data you have chosen previously (homer / simpson in my example). This allows you access to the same interface as for the books page, but here you can enter users with their login and password. The users base is empty, add a record with a login and password of your choice, for instance :

Now back to the books page (http://localhost/instant_site/books.ks), log in with the values you have just entered and you will see this page :

Now you can manage the books database as you like. If you log out, you go back to the visitor status, only able to see the books list

In the next step we'll add more options to the configuration file