[Mailman-Developers] Reusing mailman login/pass or cookie ?
Barry A. Warsaw
barry@zope.com
Thu, 25 Oct 2001 02:12:09 -0400
>>>>> "timduru" == <timduru@timduru.org> writes:
timduru> I've developped a few php scripts for the users of some
timduru> of my lists, what I need is to have only users
timduru> effectively subscribed and authenticated to the lists to
timduru> be able to use the scripts.
timduru> I also need to know what is the user's login in the php
timduru> scripts.
timduru> Is there a way to do that , either by reproducing the
timduru> mailman auth process in php or by reusing the mailman
timduru> cookie ?
timduru> Anyone has already done that or knows of a way to do that
timduru> ?
I'm not aware of anybody doing that, but in Mailman 2.1, you could
hook into the membership API to extract a given user's password. In
Mailman all user passwords are kept in cleartext in the config.pck
file. Site admin and list admin passwords are not, so that's why you
can't get a reminder for a forgotten list admin password.
You could certainly reuse the Mailman cookie code, or protocol. See
SecurityManager.py for details of how it works.
-Barry