[web2py] Is it possible to create a webservice funcion for login (instead of basic authentication)?

Tue, 05 May 2015 09:57:45 -0700 

I'm creating a XMLRPC webservice with web2py, everything works perfect. 
In order to restrict access to the webservice, acordingly to the docs, you 
have to decorate the function that instantiates the webservice, for example:

@auth.requires_login()
def call():
    return service()


@service.xmlrpc
def check():
    return auth.user.email

So, in order to connect to this webservice, you would have to pass the user 
and password in the url, like this:
http://user:email@domain/default/call/xmlrpc
And then you would be able to run the function "check()" of the webservice.

So far all good. But what if I want to create a public webservice, and 
include a function for login (taking user and email as arguments)? The 
function should login the user and next calls to other functions should be 
able to check if user is logged in.

I've tried this with no success:

def call():
    return service()


@service.xmlrpc
def login(data):
    user = auth.login_bare(data['email'], data['password'])
    if not user:
        return False
    else:
        auth.login_user(user)
        return True


@service.xmlrpc
def check():
    if auth.is_logged_in():
        return auth.user.email
    else:
        return False

However this doesn't work. I can succesfully connect to the webservice, and 
I can succesfully execute "login()" function, but then inmediately I 
execute "check()" function and I always receive False, so the session isn't 
created.

For the testing client I'm using class ServerProxy from python xmlrpclib. 
I know this is easy to fix (using the first of the two examples shown 
here), but not all clients support basic authentication and I'm trying to 
figure out what to do for those cases. Thanks in advance!

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to