[web2py] Re: problems with conditional login redirection on on_failed_authorization
I'm still in need of help. Here's what I've managed to find. My problem is that if I don't use good credentials in the command line I get an exception because web2py is replying with the login_url. This suggests that the failedAuthHandler I'm using in auth.settings.on_failed_authorization is not working.

[in models/db.py]

    def failedAuthHandler():
        if request.function == 'private_call':
            redirect(URL(f='failed_login'))  # just a regular action
            # or alternatively:
            # redirect(URL(f='public_call', args=['jsonrpc', 'failed_login']))
        else:
            redirect(URL(request))
    auth.settings.on_failed_authorization = failedAuthHandler

Since using failed_login as a regular action or as a public_call makes no difference, is this the correct way to use auth.settings.on_failed_authorization = function?

Txs for the help,
Miguel

On Sun, Jan 30, 2011 at 10:55 AM, Miguel Lopes mig.e.lo...@gmail.com wrote:

> on_failed_authorization can be a URL or a function. I think I could use this to achieve conditional login redirection. A use case would be service calls returning a simple string (or a JSON or an XML reply to non-validated requests), while still allowing for regular (non-service requests) to be redirected to a login page.
>
> This is useful for command-line clients (as a recent post argues) and desktop clients, but also to browser based RIA apps (e.g. Pyjamas based, Flex,...) where session expiration could lead to wanted redirections (as is mentioned in http://www.web2pyslices.com/main/slices/take_slice/48 ).
>
> I would see this as something as simple as:
>
> [in models/db.py]
>
>     private_service = Service(globals())  # PRIVATE - for json, xml, jsonrpc, xmlrpc, amfrpc
>     public_service = Service(globals())   # PUBLIC - for json, xml, jsonrpc, xmlrpc, amfrpc
>     ...
>     auth.settings.allow_basic_login = True
>
>     def failedAuthHandler():
>         if request.function == 'private_call':
>             redirect(URL(f='public_call', args='failed_login'))
>         else:
>             redirect(URL(request))
>     auth.settings.on_failed_authorization = failedAuthHandlerandler
>
> [in controllers/default]
>
>     @private_service.jsonrpc
>     def jsoncount():
>         return dict(response=response.session_id_name, now=request.now)
>
>     @public_service.jsonrpc
>     def failed_login():
>         return dict(error='Failed login')
>
>     def public_call():
>         return public_service()
>
>     @auth.requires_login()
>     def private_call():
>         return private_service()
>
> However, I'm unable to make this code work. From the command line, if I issue a call with basic auth, with good credentials, such as:
>
>     import jsonrpc
>     sv = jsonrpc.ServiceProxy("http://GOOD_USER:GOOD_PASS@127.0.0.1:8080/json_auth_test/default/private_call/jsonrpc")
>     sv.jsoncount()
>     {'now': '2011-01-30 10:31:21', 'response': 'session_id_json_auth_test'}
>
> But bad credentials don't work as expected:
>
>     import jsonrpc
>     sv = jsonrpc.ServiceProxy("http://GOOD_USER:BAD_PASS@127.0.0.1:8080/json_auth_test/default/private_call/jsonrpc")
>     sv.jsoncount()
>     Traceback (most recent call last):
>       File "<stdin>", line 1, in <module>
>       File "/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/jsonrpc/proxy.py", line 43, in __call__
>         resp = loads(respdata)
>       File "/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/jsonrpc/json.py", line 211, in loads
>         raise JSONDecodeException('Expected []{}, or Number, Null, False or True')
>     jsonrpc.json.JSONDecodeException: Expected []{}, or Number, Null, False or True
>
> From the browser using a URL with or without credentials, for both:
>
>     .../default/private_call/jsoncount
>     .../default/public_call/failed_login
>
> I get: Object does not exist with a Status 404 content header
>
> Am I on the right track? How could this be achieved?
>
> Txs,
> Miguel
[web2py] Re: problems with conditional login redirection on on_failed_authorization
I'm on my way out; as a first thing, try it with

    auth.settings.on_failed_authorization = failedAuthHandler()
[web2py] Re: problems with conditional login redirection on on_failed_authorization
try with

    auth.settings.on_failed_authorization = failedAuthHandlerandler()

it works for me ^_^
Re: [web2py] Re: problems with conditional login redirection on on_failed_authorization
On Sun, Jan 30, 2011 at 9:16 PM, Niphlod niph...@gmail.com wrote:

> try with auth.settings.on_failed_authorization = failedAuthHandlerandler()
> it works for me ^_^

Not for me! And I can't see how.

Miguel
[web2py] Re: problems with conditional login redirection on on_failed_authorization
Sorry, this is subtle to spot, but authentication and authorization are different things, and they are managed differently depending on whether you are allowing basic login or not. I made an incorrect assumption when running my tests and replying before.

If you try with the decorator @auth.requires_membership('aaa') it should work, but if you are protecting the page with @auth.requires_login() the default behaviour is to redirect the user to the login page. I think that you may want to use auth.settings.on_failed_authentication instead of auth.settings.on_failed_authorization.

This is because on_failed_authorization is called only when:
- you are allowing only basic login (if the user specified a username and a password and he's not allowed to see a resource, then he's not authorized)
- he's already logged in and he's not allowed to see a resource (permission, group, etc. not matching)

In all the other cases the real thing happening is that the user is not authenticated (not yet logged in or anonymous), thus the function on_failed_authorization is not called.

To sum up briefly, on_failed_authentication gets called before on_failed_authorization in your case.

On Jan 30, 10:57 pm, Miguel Lopes mig.e.lo...@gmail.com wrote:

> On Sun, Jan 30, 2011 at 9:16 PM, Niphlod niph...@gmail.com wrote:
> > try with auth.settings.on_failed_authorization = failedAuthHandlerandler()
> > it works for me ^_^
>
> Not for me! And I can't see how.
> Miguel
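
The rule given in the last reply of this thread (unauthenticated requests reach on_failed_authentication; on_failed_authorization fires only in basic-login-only setups or for logged-in users lacking permission), modelled as an added example that is not code from the thread or from web2py. Redirect, HTTPError, gate, outcome, LOGIN_URL and the 303 status are stand-ins assumed here so the model runs without web2py; the handler answers the service call in JSON and keeps the login redirect for ordinary pages.

```python
import json

class Redirect(Exception):
    """Stand-in for web2py's redirect(): carries the target URL."""
    def __init__(self, url):
        super().__init__(url)
        self.url = url

class HTTPError(Exception):
    """Stand-in for answering with an HTTP status and body, no redirect."""
    def __init__(self, status, body):
        super().__init__(status)
        self.status, self.body = status, body

LOGIN_URL = "/json_auth_test/default/user/login"  # constructed sample value

def failed_authentication(function):
    # Service callers cannot use an HTML login form: answer in JSON.
    if function == "private_call":
        raise HTTPError(401, json.dumps({"error": "Failed login"}))
    raise Redirect(LOGIN_URL)  # browsers still reach the login page

def failed_authorization(function):
    raise HTTPError(403, json.dumps({"error": "Not authorized"}))

def gate(function, authenticated, permitted, basic_only=False):
    """Pick the callback by the rules given in the reply above."""
    if not authenticated:
        if basic_only:
            failed_authorization(function)  # basic-login-only: not authorized
        failed_authentication(function)     # every other unauthenticated request
    if not permitted:
        failed_authorization(function)      # logged in, permission/group mismatch
    return "action runs"

def outcome(function, authenticated, permitted, basic_only=False):
    """Run the gate and report (status, payload) as a client would see it."""
    try:
        return 200, gate(function, authenticated, permitted, basic_only)
    except HTTPError as e:
        return e.status, json.loads(e.body)
    except Redirect as e:
        return 303, e.url  # 303 is an assumed redirect status

if __name__ == "__main__":
    # Constructed requests: bad password on the service, anonymous page hit,
    # logged-in user without the group, basic-login-only with bad credentials.
    for case in [("private_call", False, False), ("index", False, False),
                 ("private_call", True, False), ("private_call", False, False, True)]:
        print(case, "->", outcome(*case))
```

With the JSON branch in place, a JSON-RPC client given bad credentials receives a parseable error object instead of the login page that caused the JSONDecodeException in the original post.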