I guess the issue is: how to you plan to authenticate the user?
Your partners could register with your app and been issued a token:
auth.settings.extra_fields=[Field('token',compute=lambda:
str(uuid.uuid4()))]
You can embed the token in the URL which generates the form (embedded via
iframe) to track where users come from. if you need to authenticate the
users the situation would be more complex.
On Sunday, 23 February 2014 14:35:30 UTC-6, Jason Burosh wrote:
>
> I am creating a web2py application that accepts values and calculates a
> score
> Want to make it available for partner sites to access the API, so I was
> thinking about having the partners pass a JSON object with their access key
> and other key/value pairs, and return the calculated value.
>
> However, I want to make it simple and easy for partners to use. I don't
> want them to have to develop their own forms, so I was thinking about just
> having partner sites embed my web2py form in their applications.
> Then I can control the form and workflow, and they can just use the app.
>
> QUESTION:
>
> How can I securely embed a web2py form into an external partner website
> (iframe or pop-up window) and still track which partner is accessing the
> application?
> I need to track who is calling the form, and want some type of partner
> 'authentication' so I can control who is accessing the application.
>
> Is there a better way to do this rather than just embedding the form?
> Any suggestions?
>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
