[web2py] Re: web2py 2.13.3 is OUT

[Literate Aspects]

Just have to say THANK YOU, for your incredible contributions.

Cordially,

benYAH


On Thursday, December 24, 2015 at 7:21:42 AM UTC-8, Massimo Di Pierro wrote:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[john sitjar]

Good day sir I am new to web2py and extjs 6,I would like to ask if you have 
a tutorial on how to run an Extjs 6 app using web2py.thanks

On Thursday, December 24, 2015 at 11:21:42 PM UTC+8, Massimo Di Pierro 
wrote:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Dave S]

Should this thread be unpinned and the 2.13.4 thread pinned instead?

/dps


On Thursday, December 24, 2015 at 7:21:42 AM UTC-8, Massimo Di Pierro wrote:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Massimo Di Pierro]

No. perhaps the file just had wrong permissions.

On Monday, 4 January 2016 06:30:02 UTC-6, Jacinto Parga wrote:
>
> I have solved it. 
>
> I have removed *logging.conf* file from the web2py folder, but I don't 
>  know if it has undesidered consecuences!
>
> Can it be harmful?
>
> Thanks!
>
> El lunes, 4 de enero de 2016, 11:52:22 (UTC+1), Jacinto Parga escribió:
>>
>> Hi, 
>>
>> I upgraded from 2.11.2
>>
>> I get a error ticket when I deploy to GAE:
>>
>> Traceback (most recent call last):
>>   File 
>> "/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
>> , line 240, in Handle
>> handler = _config_handle.add_wsgi_middleware(self._LoadHandler())
>>   File 
>> "/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
>> , line 299, in _LoadHandler
>> handler, path, err = LoadObject(self._handler)
>>   File 
>> "/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
>> , line 85, in LoadObject
>> obj = __import__(path[0])
>>   File 
>> "/base/data/home/apps/s~clubatletismosada/2.389741792186866429/gaehandler.py"
>> , line 62 
>> 
>> , in 
>> import gluon.main
>>   File 
>> "/base/data/home/apps/s~clubatletismosada/2.389741792186866429/gluon/main.py"
>> , line 85 
>> 
>> , in 
>> logging.config.fileConfig(abspath("logging.conf"))
>>   File 
>> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/config.py"
>> , line 78, in fileConfig
>> handlers = _install_handlers(cp, formatters)
>>   File 
>> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/config.py"
>> , line 156, in _install_handlers
>> h = klass(*args)
>>   File 
>> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/handlers.py"
>> , line 117, in __init__
>> BaseRotatingHandler.__init__(self, filename, mode, encoding, delay)
>>   File 
>> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/handlers.py"
>> , line 64, in __init__
>> logging.FileHandler.__init__(self, filename, mode, encoding, delay)
>>   File 
>> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/__init__.py"
>> , line 902, in __init__
>> StreamHandler.__init__(self, self._open())
>>   File 
>> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/__init__.py"
>> , line 925, in _open
>> stream = open(self.baseFilename, self.mode)
>> IOError: [Errno 30] Read-only file system: 
>> '/base/data/home/apps/s~clubatletismosada/2.389741792186866429/logs/web2py.log'
>>
>> Maybe I have missed something with the handlers?
>>
>> El jueves, 24 de diciembre de 2015, 16:21:42 (UTC+1), Massimo Di Pierro 
>> escribió:
>>>
>>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>>
>>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>>> importantly it contains experimental support for JWT. Here is how it works:
>>>
>>> 1) instantiate auth with
>>>
>>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>>
>>> where 'secret' is your own secret string. 
>>>
>>> 2) Secorate functions that require login but should accept the 
>>> JWT token credentials:
>>>
>>> @auth.allows_jwt()
>>> @auth.requires_login()
>>> def myapi(): return 'hello %s' % auth.user.email
>>> 
>>> Notice jwt is allowed but not required. if user is logged in, 
>>> myapi is accessible.
>>>
>>> 3) Use it!
>>> Now API users can obtain a token with
>>>
>>> http://.../app/default/user/jwt?username=...&password=
>>>
>>> (returns json object with a token attribute)
>>> API users can refresh an existing token with
>>>
>>> http://.../app/default/user/jwt?token=...
>>>
>>> they can authenticate themselves when calling http:/.../myapi by 
>>> injecting a header
>>>
>>> Authorization: Bearer 
>>>
>>> Any additional attributes in the jwt argument of Auth() below:
>>>
>>>auth = Auth(db, jwt = {...})
>>>
>>> are passed to the constructor of class AuthJWT. Look there for 
>>> documentation.
>>>
>>> Thanks Niphlod again for implementing this. 
>>> Please help us check it so we will declare it stable in the next release.
>>>
>>> Massimo
>>>
>>>
>>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.goo

[web2py] Re: web2py 2.13.3 is OUT

[Jacinto Parga]

I have solved it. 

I have removed *logging.conf* file from the web2py folder, but I don't 
 know if it has undesidered consecuences!

Can it be harmful?

Thanks!

El lunes, 4 de enero de 2016, 11:52:22 (UTC+1), Jacinto Parga escribió:
>
> Hi, 
>
> I upgraded from 2.11.2
>
> I get a error ticket when I deploy to GAE:
>
> Traceback (most recent call last):
>   File 
> "/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
> , line 240, in Handle
> handler = _config_handle.add_wsgi_middleware(self._LoadHandler())
>   File 
> "/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
> , line 299, in _LoadHandler
> handler, path, err = LoadObject(self._handler)
>   File 
> "/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
> , line 85, in LoadObject
> obj = __import__(path[0])
>   File 
> "/base/data/home/apps/s~clubatletismosada/2.389741792186866429/gaehandler.py"
> , line 62 
> 
> , in 
> import gluon.main
>   File 
> "/base/data/home/apps/s~clubatletismosada/2.389741792186866429/gluon/main.py"
> , line 85 
> 
> , in 
> logging.config.fileConfig(abspath("logging.conf"))
>   File 
> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/config.py"
> , line 78, in fileConfig
> handlers = _install_handlers(cp, formatters)
>   File 
> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/config.py"
> , line 156, in _install_handlers
> h = klass(*args)
>   File 
> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/handlers.py"
> , line 117, in __init__
> BaseRotatingHandler.__init__(self, filename, mode, encoding, delay)
>   File 
> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/handlers.py"
> , line 64, in __init__
> logging.FileHandler.__init__(self, filename, mode, encoding, delay)
>   File 
> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/__init__.py"
> , line 902, in __init__
> StreamHandler.__init__(self, self._open())
>   File 
> "/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/__init__.py"
> , line 925, in _open
> stream = open(self.baseFilename, self.mode)
> IOError: [Errno 30] Read-only file system: 
> '/base/data/home/apps/s~clubatletismosada/2.389741792186866429/logs/web2py.log'
>
> Maybe I have missed something with the handlers?
>
> El jueves, 24 de diciembre de 2015, 16:21:42 (UTC+1), Massimo Di Pierro 
> escribió:
>>
>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>
>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>> importantly it contains experimental support for JWT. Here is how it works:
>>
>> 1) instantiate auth with
>>
>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>
>> where 'secret' is your own secret string. 
>>
>> 2) Secorate functions that require login but should accept the 
>> JWT token credentials:
>>
>> @auth.allows_jwt()
>> @auth.requires_login()
>> def myapi(): return 'hello %s' % auth.user.email
>> 
>> Notice jwt is allowed but not required. if user is logged in, 
>> myapi is accessible.
>>
>> 3) Use it!
>> Now API users can obtain a token with
>>
>> http://.../app/default/user/jwt?username=...&password=
>>
>> (returns json object with a token attribute)
>> API users can refresh an existing token with
>>
>> http://.../app/default/user/jwt?token=...
>>
>> they can authenticate themselves when calling http:/.../myapi by 
>> injecting a header
>>
>> Authorization: Bearer 
>>
>> Any additional attributes in the jwt argument of Auth() below:
>>
>>auth = Auth(db, jwt = {...})
>>
>> are passed to the constructor of class AuthJWT. Look there for 
>> documentation.
>>
>> Thanks Niphlod again for implementing this. 
>> Please help us check it so we will declare it stable in the next release.
>>
>> Massimo
>>
>>
>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubsc

[web2py] Re: web2py 2.13.3 is OUT

[Jacinto Parga]

Hi, 

I upgraded from 2.11.2

I get a error ticket when I deploy to GAE:

Traceback (most recent call last):
  File 
"/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
, line 240, in Handle
handler = _config_handle.add_wsgi_middleware(self._LoadHandler())
  File 
"/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
, line 299, in _LoadHandler
handler, path, err = LoadObject(self._handler)
  File 
"/base/data/home/runtimes/python27/python27_lib/versions/1/google/appengine/runtime/wsgi.py"
, line 85, in LoadObject
obj = __import__(path[0])
  File 
"/base/data/home/apps/s~clubatletismosada/2.389741792186866429/gaehandler.py"
, line 62 

, in 
import gluon.main
  File 
"/base/data/home/apps/s~clubatletismosada/2.389741792186866429/gluon/main.py"
, line 85 

, in 
logging.config.fileConfig(abspath("logging.conf"))
  File 
"/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/config.py"
, line 78, in fileConfig
handlers = _install_handlers(cp, formatters)
  File 
"/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/config.py"
, line 156, in _install_handlers
h = klass(*args)
  File 
"/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/handlers.py"
, line 117, in __init__
BaseRotatingHandler.__init__(self, filename, mode, encoding, delay)
  File 
"/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/handlers.py"
, line 64, in __init__
logging.FileHandler.__init__(self, filename, mode, encoding, delay)
  File 
"/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/__init__.py"
, line 902, in __init__
StreamHandler.__init__(self, self._open())
  File 
"/base/data/home/runtimes/python27/python27_dist/lib/python2.7/logging/__init__.py"
, line 925, in _open
stream = open(self.baseFilename, self.mode)
IOError: [Errno 30] Read-only file system: 
'/base/data/home/apps/s~clubatletismosada/2.389741792186866429/logs/web2py.log'

Maybe I have missed something with the handlers?

El jueves, 24 de diciembre de 2015, 16:21:42 (UTC+1), Massimo Di Pierro 
escribió:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Dmitri Ermolaev]

hey - do you see cryptocurrency Auth?

in NEXT - http://nxt.org/ - it have token by user account in cryptocurrency

четверг, 24 декабря 2015 г., 18:21:42 UTC+3 пользователь Massimo Di Pierro 
написал:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [web2py] Re: web2py 2.13.3 is OUT

[Luis Valladares]

Now I'm using a token based authentication but it's server side, I store
the data of the tokens inside a redis cluster server and make a request
every time I want to retrieve this token data
El dic. 30, 2015 8:33 PM, "Dave S"  escribió:

>
>
> On Wednesday, December 30, 2015 at 4:07:35 PM UTC-8, Luis Valladares wrote:
>>
>> All my applications are REST so CAS doesn't work I think
>>
>
> Currently not requiring login? You're using the REST decorator? And you
> want to add JWT for security?
>
> In that direction, I'm wondering what @response.restfull() does with
> sessions.
>  http://web2py.com/books/default/chapter/29/10/services#Services-and-Authentication
> >
> It appears that sessions (e.g. session cookies) are supported,
> and I'd be trying to use the CAS approach in the call() routine.
>
> This is speculation on my part; I'm not even a power user for auth.
>
> /dps
>
>
> El dic. 30, 2015 7:19 PM, "Dave S"  escribió:
>>
>>> On Wednesday, December 30, 2015 at 2:33:46 PM UTC-8,
>>> luis.va...@metamaxzone.com wrote:

 What if i've two different applications (event in two differents
 machines) one for the front end of my site (all my views, form, etc...) and
 other to authenticate my users, i mean, a micro service architecture.

>>>
>>> Does the web2py CAS support help with this?  Assuming you're
>>> investigating the JWT support.
>>>
>>> >> http://web2py.com/books/default/chapter/29/09/access-control#Central-Authentication-Service
>>> >
>>>
>>> /dps
>>>
>>>
>>>

 El jueves, 24 de diciembre de 2015, 10:51:42 (UTC-4:30), Massimo Di
 Pierro escribió:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most
> importantly it contains experimental support for JWT. Here is how it 
> works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string.
>
> 2) Secorate functions that require login but should accept the
> JWT token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
>
> Notice jwt is allowed but not required. if user is logged in,
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi
> by injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for
> documentation.
>
> Thanks Niphlod again for implementing this.
> Please help us check it so we will declare it stable in the next
> release.
>
> Massimo
>
>
> --
>>> Resources:
>>> - http://web2py.com
>>> - http://web2py.com/book (Documentation)
>>> - http://github.com/web2py/web2py (Source code)
>>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>>> ---
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "web2py-users" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/web2py/NUDpOmGLDTQ/unsubscribe.
>>> To unsubscribe from this group and all its topics, send an email to
>>> web2py+un...@googlegroups.com.
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "web2py-users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/web2py/NUDpOmGLDTQ/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> web2py+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/opt

Re: [web2py] Re: web2py 2.13.3 is OUT

[Dave S]

On Wednesday, December 30, 2015 at 4:07:35 PM UTC-8, Luis Valladares wrote:
>
> All my applications are REST so CAS doesn't work I think 
>

Currently not requiring login? You're using the REST decorator? And you 
want to add JWT for security? 

In that direction, I'm wondering what @response.restfull() does with 
sessions.
http://web2py.com/books/default/chapter/29/10/services#Services-and-Authentication>
It appears that sessions (e.g. session cookies) are supported,
and I'd be trying to use the CAS approach in the call() routine.

This is speculation on my part; I'm not even a power user for auth.

/dps


El dic. 30, 2015 7:19 PM, "Dave S" > 
> escribió:
>
>> On Wednesday, December 30, 2015 at 2:33:46 PM UTC-8, 
>> luis.va...@metamaxzone.com wrote:
>>>
>>> What if i've two different applications (event in two differents 
>>> machines) one for the front end of my site (all my views, form, etc...) and 
>>> other to authenticate my users, i mean, a micro service architecture.
>>>
>>
>> Does the web2py CAS support help with this?  Assuming you're 
>> investigating the JWT support.
>>
>> > http://web2py.com/books/default/chapter/29/09/access-control#Central-Authentication-Service
>> >
>>
>> /dps
>>
>>  
>>
>>>
>>> El jueves, 24 de diciembre de 2015, 10:51:42 (UTC-4:30), Massimo Di 
>>> Pierro escribió:

 web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!

 It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
 importantly it contains experimental support for JWT. Here is how it works:

 1) instantiate auth with

 auth = Auth(db, jwt = {'secret_key':'secret'})

 where 'secret' is your own secret string. 

 2) Secorate functions that require login but should accept the 
 JWT token credentials:

 @auth.allows_jwt()
 @auth.requires_login()
 def myapi(): return 'hello %s' % auth.user.email
 
 Notice jwt is allowed but not required. if user is logged in, 
 myapi is accessible.

 3) Use it!
 Now API users can obtain a token with

 http://.../app/default/user/jwt?username=...&password=

 (returns json object with a token attribute)
 API users can refresh an existing token with

 http://.../app/default/user/jwt?token=...

 they can authenticate themselves when calling http:/.../myapi 
 by injecting a header

 Authorization: Bearer 

 Any additional attributes in the jwt argument of Auth() below:

auth = Auth(db, jwt = {...})

 are passed to the constructor of class AuthJWT. Look there for 
 documentation.

 Thanks Niphlod again for implementing this. 
 Please help us check it so we will declare it stable in the next 
 release.

 Massimo


 -- 
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> --- 
>> You received this message because you are subscribed to a topic in the 
>> Google Groups "web2py-users" group.
>> To unsubscribe from this topic, visit 
>> https://groups.google.com/d/topic/web2py/NUDpOmGLDTQ/unsubscribe.
>> To unsubscribe from this group and all its topics, send an email to 
>> web2py+un...@googlegroups.com .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [web2py] Re: web2py 2.13.3 is OUT

[Luis Valladares]

All my applications are REST so CAS doesn't work I think
El dic. 30, 2015 7:19 PM, "Dave S"  escribió:

> On Wednesday, December 30, 2015 at 2:33:46 PM UTC-8,
> luis.va...@metamaxzone.com wrote:
>>
>> What if i've two different applications (event in two differents
>> machines) one for the front end of my site (all my views, form, etc...) and
>> other to authenticate my users, i mean, a micro service architecture.
>>
>
> Does the web2py CAS support help with this?  Assuming you're investigating
> the JWT support.
>
>  http://web2py.com/books/default/chapter/29/09/access-control#Central-Authentication-Service
> >
>
> /dps
>
>
>
>>
>> El jueves, 24 de diciembre de 2015, 10:51:42 (UTC-4:30), Massimo Di
>> Pierro escribió:
>>>
>>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>>
>>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most
>>> importantly it contains experimental support for JWT. Here is how it works:
>>>
>>> 1) instantiate auth with
>>>
>>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>>
>>> where 'secret' is your own secret string.
>>>
>>> 2) Secorate functions that require login but should accept the
>>> JWT token credentials:
>>>
>>> @auth.allows_jwt()
>>> @auth.requires_login()
>>> def myapi(): return 'hello %s' % auth.user.email
>>>
>>> Notice jwt is allowed but not required. if user is logged in,
>>> myapi is accessible.
>>>
>>> 3) Use it!
>>> Now API users can obtain a token with
>>>
>>> http://.../app/default/user/jwt?username=...&password=
>>>
>>> (returns json object with a token attribute)
>>> API users can refresh an existing token with
>>>
>>> http://.../app/default/user/jwt?token=...
>>>
>>> they can authenticate themselves when calling http:/.../myapi by
>>> injecting a header
>>>
>>> Authorization: Bearer 
>>>
>>> Any additional attributes in the jwt argument of Auth() below:
>>>
>>>auth = Auth(db, jwt = {...})
>>>
>>> are passed to the constructor of class AuthJWT. Look there for
>>> documentation.
>>>
>>> Thanks Niphlod again for implementing this.
>>> Please help us check it so we will declare it stable in the next release.
>>>
>>> Massimo
>>>
>>>
>>> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "web2py-users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/web2py/NUDpOmGLDTQ/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> web2py+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Dave S]

On Wednesday, December 30, 2015 at 2:33:46 PM UTC-8, 
luis.va...@metamaxzone.com wrote:
>
> What if i've two different applications (event in two differents machines) 
> one for the front end of my site (all my views, form, etc...) and other to 
> authenticate my users, i mean, a micro service architecture.
>

Does the web2py CAS support help with this?  Assuming you're investigating 
the JWT support.

http://web2py.com/books/default/chapter/29/09/access-control#Central-Authentication-Service>

/dps

 

>
> El jueves, 24 de diciembre de 2015, 10:51:42 (UTC-4:30), Massimo Di Pierro 
> escribió:
>>
>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>
>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>> importantly it contains experimental support for JWT. Here is how it works:
>>
>> 1) instantiate auth with
>>
>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>
>> where 'secret' is your own secret string. 
>>
>> 2) Secorate functions that require login but should accept the 
>> JWT token credentials:
>>
>> @auth.allows_jwt()
>> @auth.requires_login()
>> def myapi(): return 'hello %s' % auth.user.email
>> 
>> Notice jwt is allowed but not required. if user is logged in, 
>> myapi is accessible.
>>
>> 3) Use it!
>> Now API users can obtain a token with
>>
>> http://.../app/default/user/jwt?username=...&password=
>>
>> (returns json object with a token attribute)
>> API users can refresh an existing token with
>>
>> http://.../app/default/user/jwt?token=...
>>
>> they can authenticate themselves when calling http:/.../myapi by 
>> injecting a header
>>
>> Authorization: Bearer 
>>
>> Any additional attributes in the jwt argument of Auth() below:
>>
>>auth = Auth(db, jwt = {...})
>>
>> are passed to the constructor of class AuthJWT. Look there for 
>> documentation.
>>
>> Thanks Niphlod again for implementing this. 
>> Please help us check it so we will declare it stable in the next release.
>>
>> Massimo
>>
>>
>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[luis . valladares]

What if i've two different applications (event in two differents machines) 
one for the front end of my site (all my views, form, etc...) and other to 
authenticate my users, i mean, a micro service architecture.

El jueves, 24 de diciembre de 2015, 10:51:42 (UTC-4:30), Massimo Di Pierro 
escribió:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [web2py] Re: web2py 2.13.3 is OUT

[Massimo Di Pierro]

You can do exactly that with web2py 2.13.4

https://github.com/web2py/web2py/blob/master/gluon/tools.py#L1200

except you need two validators instead of one:

@auth.allow_jwt()
@auth.requires_login()

which means that you want allow jwt to give you login-like privileges.

if you want you can do

def requires_jwt(func):
 return auth.allow_jwt()(auth.requires_login()(func)

and then just use

@requires_jwt

as you want.

On Monday, 28 December 2015 13:05:04 UTC-6, Ramos wrote:
>
> can i do
>
>@auth.requires_jwt()
>
> I would like to use web2py just as a rest api , auth included...
>
> 2015-12-27 7:09 GMT+00:00 Massimo Di Pierro :
>
>> good catch! we will have to refactor that to support earlier versions of 
>> python.
>>
>>
>> On Sunday, 27 December 2015 01:02:09 UTC-6, Lou C wrote:
>>>
>>> I am running version 2.13.4 on GAE which runs on python 2.7.5. The 
>>> problem arises when using the @auth.allows_jwt() decorator. The error I get 
>>> is AttributeError: 'module' object has no attribute 'compare_digest'.  
>>> Which is being called in :
>>>
>>> def verify_signature(self, body, signature, secret):
>>> mauth = hmac.new(key=secret, msg=body, digestmod=self.digestmod)
>>> return hmac.compare_digest(self.jwt_b64e(mauth.digest()), 
>>> signature)
>>>
>>> I believe this is because hmac.py uses compare_digest in version 2.7.7. 
>>> Anyway to use jwt on GAE ?
>>>
>>> On Friday, December 25, 2015 at 9:04:11 PM UTC-8, Massimo Di Pierro 
>>> wrote:

 This is issue is now fixed in 2.13.4. :-)

 On Friday, 25 December 2015 22:37:54 UTC-6, Πέτρος Χατζηλάμπρος wrote:
>
> Mrry Christmas
>
> I found the following bug in version 2.13.3:
>
> I am using linux mint and I have a folder named web2py on the ~/Desktop
> I was using to run web2py by opening terminal and giving the command 
> "python ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0".
> After the update to version 2.13.3 the following error appears
> Traceback (most recent call last):
>   File "/home/tsouras/Desktop/web2py/web2py.py", line 6, in 
> import gluon.widget
>   File "/home/tsouras/Desktop/web2py/gluon/widget.py", line 26, in 
> 
> import gluon.main as main
>   File "/home/tsouras/Desktop/web2py/gluon/main.py", line 125, in 
> 
> raise RuntimeError("Cannot determine web2py version")
> RuntimeError: Cannot determine web2py version
>
> So, I did some debugging and I found out 
> that global_settings.gluon_parent is "/home/tsouras" instead of being 
> "/home/tsouras/Desktop/web2py"
> I overcome this problem by opening terminal and giving command "cd 
> ~Desktop/web2py" before giving the command "python 
> ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0"
>
> I did not have this problem using the previous version of web2py
>
> On Thursday, December 24, 2015 at 5:21:42 PM UTC+2, Massimo Di Pierro 
> wrote:
>>
>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>
>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>> importantly it contains experimental support for JWT. Here is how it 
>> works:
>>
>> 1) instantiate auth with
>>
>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>
>> where 'secret' is your own secret string. 
>>
>> 2) Secorate functions that require login but should accept 
>> the JWT token credentials:
>>
>> @auth.allows_jwt()
>> @auth.requires_login()
>> def myapi(): return 'hello %s' % auth.user.email
>> 
>> Notice jwt is allowed but not required. if user is logged in, 
>> myapi is accessible.
>>
>> 3) Use it!
>> Now API users can obtain a token with
>>
>> http://.../app/default/user/jwt?username=...&password=
>>
>> (returns json object with a token attribute)
>> API users can refresh an existing token with
>>
>> http://.../app/default/user/jwt?token=...
>>
>> they can authenticate themselves when calling http:/.../myapi 
>> by injecting a header
>>
>> Authorization: Bearer 
>>
>> Any additional attributes in the jwt argument of Auth() below:
>>
>>auth = Auth(db, jwt = {...})
>>
>> are passed to the constructor of class AuthJWT. Look there 
>> for documentation.
>>
>> Thanks Niphlod again for implementing this. 
>> Please help us check it so we will declare it stable in the next 
>> release.
>>
>> Massimo
>>
>>
>> -- 
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> --- 
>> You received th

Re: [web2py] Re: web2py 2.13.3 is OUT

[Dave S]

On Monday, December 28, 2015 at 11:05:04 AM UTC-8, Ramos wrote:
>
> can i do
>
>@auth.requires_jwt()
>
> I would like to use web2py just as a rest api , auth included...
>

What's your environment?

/dps

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [web2py] Re: web2py 2.13.3 is OUT

[António Ramos]

can i do

   @auth.requires_jwt()

I would like to use web2py just as a rest api , auth included...

2015-12-27 7:09 GMT+00:00 Massimo Di Pierro :

> good catch! we will have to refactor that to support earlier versions of
> python.
>
>
> On Sunday, 27 December 2015 01:02:09 UTC-6, Lou C wrote:
>>
>> I am running version 2.13.4 on GAE which runs on python 2.7.5. The
>> problem arises when using the @auth.allows_jwt() decorator. The error I get
>> is AttributeError: 'module' object has no attribute 'compare_digest'.
>> Which is being called in :
>>
>> def verify_signature(self, body, signature, secret):
>> mauth = hmac.new(key=secret, msg=body, digestmod=self.digestmod)
>> return hmac.compare_digest(self.jwt_b64e(mauth.digest()),
>> signature)
>>
>> I believe this is because hmac.py uses compare_digest in version 2.7.7.
>> Anyway to use jwt on GAE ?
>>
>> On Friday, December 25, 2015 at 9:04:11 PM UTC-8, Massimo Di Pierro wrote:
>>>
>>> This is issue is now fixed in 2.13.4. :-)
>>>
>>> On Friday, 25 December 2015 22:37:54 UTC-6, Πέτρος Χατζηλάμπρος wrote:

 Mrry Christmas

 I found the following bug in version 2.13.3:

 I am using linux mint and I have a folder named web2py on the ~/Desktop
 I was using to run web2py by opening terminal and giving the command
 "python ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0".
 After the update to version 2.13.3 the following error appears
 Traceback (most recent call last):
   File "/home/tsouras/Desktop/web2py/web2py.py", line 6, in 
 import gluon.widget
   File "/home/tsouras/Desktop/web2py/gluon/widget.py", line 26, in
 
 import gluon.main as main
   File "/home/tsouras/Desktop/web2py/gluon/main.py", line 125, in
 
 raise RuntimeError("Cannot determine web2py version")
 RuntimeError: Cannot determine web2py version

 So, I did some debugging and I found out
 that global_settings.gluon_parent is "/home/tsouras" instead of being
 "/home/tsouras/Desktop/web2py"
 I overcome this problem by opening terminal and giving command "cd
 ~Desktop/web2py" before giving the command "python
 ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0"

 I did not have this problem using the previous version of web2py

 On Thursday, December 24, 2015 at 5:21:42 PM UTC+2, Massimo Di Pierro
 wrote:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most
> importantly it contains experimental support for JWT. Here is how it 
> works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string.
>
> 2) Secorate functions that require login but should accept the
> JWT token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
>
> Notice jwt is allowed but not required. if user is logged in,
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi
> by injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for
> documentation.
>
> Thanks Niphlod again for implementing this.
> Please help us check it so we will declare it stable in the next
> release.
>
> Massimo
>
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web

[web2py] Re: web2py 2.13.3 is OUT

[Massimo Di Pierro]

good catch! we will have to refactor that to support earlier versions of 
python.

On Sunday, 27 December 2015 01:02:09 UTC-6, Lou C wrote:
>
> I am running version 2.13.4 on GAE which runs on python 2.7.5. The problem 
> arises when using the @auth.allows_jwt() decorator. The error I get is 
> AttributeError: 
> 'module' object has no attribute 'compare_digest'.  
> Which is being called in :
>
> def verify_signature(self, body, signature, secret):
> mauth = hmac.new(key=secret, msg=body, digestmod=self.digestmod)
> return hmac.compare_digest(self.jwt_b64e(mauth.digest()), 
> signature)
>
> I believe this is because hmac.py uses compare_digest in version 2.7.7. 
> Anyway to use jwt on GAE ?
>
> On Friday, December 25, 2015 at 9:04:11 PM UTC-8, Massimo Di Pierro wrote:
>>
>> This is issue is now fixed in 2.13.4. :-)
>>
>> On Friday, 25 December 2015 22:37:54 UTC-6, Πέτρος Χατζηλάμπρος wrote:
>>>
>>> Mrry Christmas
>>>
>>> I found the following bug in version 2.13.3:
>>>
>>> I am using linux mint and I have a folder named web2py on the ~/Desktop
>>> I was using to run web2py by opening terminal and giving the command 
>>> "python ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0".
>>> After the update to version 2.13.3 the following error appears
>>> Traceback (most recent call last):
>>>   File "/home/tsouras/Desktop/web2py/web2py.py", line 6, in 
>>> import gluon.widget
>>>   File "/home/tsouras/Desktop/web2py/gluon/widget.py", line 26, in 
>>> 
>>> import gluon.main as main
>>>   File "/home/tsouras/Desktop/web2py/gluon/main.py", line 125, in 
>>> 
>>> raise RuntimeError("Cannot determine web2py version")
>>> RuntimeError: Cannot determine web2py version
>>>
>>> So, I did some debugging and I found out 
>>> that global_settings.gluon_parent is "/home/tsouras" instead of being 
>>> "/home/tsouras/Desktop/web2py"
>>> I overcome this problem by opening terminal and giving command "cd 
>>> ~Desktop/web2py" before giving the command "python 
>>> ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0"
>>>
>>> I did not have this problem using the previous version of web2py
>>>
>>> On Thursday, December 24, 2015 at 5:21:42 PM UTC+2, Massimo Di Pierro 
>>> wrote:

 web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!

 It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
 importantly it contains experimental support for JWT. Here is how it works:

 1) instantiate auth with

 auth = Auth(db, jwt = {'secret_key':'secret'})

 where 'secret' is your own secret string. 

 2) Secorate functions that require login but should accept the 
 JWT token credentials:

 @auth.allows_jwt()
 @auth.requires_login()
 def myapi(): return 'hello %s' % auth.user.email
 
 Notice jwt is allowed but not required. if user is logged in, 
 myapi is accessible.

 3) Use it!
 Now API users can obtain a token with

 http://.../app/default/user/jwt?username=...&password=

 (returns json object with a token attribute)
 API users can refresh an existing token with

 http://.../app/default/user/jwt?token=...

 they can authenticate themselves when calling http:/.../myapi 
 by injecting a header

 Authorization: Bearer 

 Any additional attributes in the jwt argument of Auth() below:

auth = Auth(db, jwt = {...})

 are passed to the constructor of class AuthJWT. Look there for 
 documentation.

 Thanks Niphlod again for implementing this. 
 Please help us check it so we will declare it stable in the next 
 release.

 Massimo




-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Lou C]

I am running version 2.13.4 on GAE which runs on python 2.7.5. The problem 
arises when using the @auth.allows_jwt() decorator. The error I get is 
AttributeError: 
'module' object has no attribute 'compare_digest'.  
Which is being called in :

def verify_signature(self, body, signature, secret):
mauth = hmac.new(key=secret, msg=body, digestmod=self.digestmod)
return hmac.compare_digest(self.jwt_b64e(mauth.digest()), signature)

I believe this is because hmac.py uses compare_digest in version 2.7.7. 
Anyway to use jwt on GAE ?

On Friday, December 25, 2015 at 9:04:11 PM UTC-8, Massimo Di Pierro wrote:
>
> This is issue is now fixed in 2.13.4. :-)
>
> On Friday, 25 December 2015 22:37:54 UTC-6, Πέτρος Χατζηλάμπρος wrote:
>>
>> Mrry Christmas
>>
>> I found the following bug in version 2.13.3:
>>
>> I am using linux mint and I have a folder named web2py on the ~/Desktop
>> I was using to run web2py by opening terminal and giving the command 
>> "python ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0".
>> After the update to version 2.13.3 the following error appears
>> Traceback (most recent call last):
>>   File "/home/tsouras/Desktop/web2py/web2py.py", line 6, in 
>> import gluon.widget
>>   File "/home/tsouras/Desktop/web2py/gluon/widget.py", line 26, in 
>> 
>> import gluon.main as main
>>   File "/home/tsouras/Desktop/web2py/gluon/main.py", line 125, in 
>> raise RuntimeError("Cannot determine web2py version")
>> RuntimeError: Cannot determine web2py version
>>
>> So, I did some debugging and I found out 
>> that global_settings.gluon_parent is "/home/tsouras" instead of being 
>> "/home/tsouras/Desktop/web2py"
>> I overcome this problem by opening terminal and giving command "cd 
>> ~Desktop/web2py" before giving the command "python 
>> ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0"
>>
>> I did not have this problem using the previous version of web2py
>>
>> On Thursday, December 24, 2015 at 5:21:42 PM UTC+2, Massimo Di Pierro 
>> wrote:
>>>
>>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>>
>>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>>> importantly it contains experimental support for JWT. Here is how it works:
>>>
>>> 1) instantiate auth with
>>>
>>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>>
>>> where 'secret' is your own secret string. 
>>>
>>> 2) Secorate functions that require login but should accept the 
>>> JWT token credentials:
>>>
>>> @auth.allows_jwt()
>>> @auth.requires_login()
>>> def myapi(): return 'hello %s' % auth.user.email
>>> 
>>> Notice jwt is allowed but not required. if user is logged in, 
>>> myapi is accessible.
>>>
>>> 3) Use it!
>>> Now API users can obtain a token with
>>>
>>> http://.../app/default/user/jwt?username=...&password=
>>>
>>> (returns json object with a token attribute)
>>> API users can refresh an existing token with
>>>
>>> http://.../app/default/user/jwt?token=...
>>>
>>> they can authenticate themselves when calling http:/.../myapi by 
>>> injecting a header
>>>
>>> Authorization: Bearer 
>>>
>>> Any additional attributes in the jwt argument of Auth() below:
>>>
>>>auth = Auth(db, jwt = {...})
>>>
>>> are passed to the constructor of class AuthJWT. Look there for 
>>> documentation.
>>>
>>> Thanks Niphlod again for implementing this. 
>>> Please help us check it so we will declare it stable in the next release.
>>>
>>> Massimo
>>>
>>>
>>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Massimo Di Pierro]

This is issue is now fixed in 2.13.4. :-)

On Friday, 25 December 2015 22:37:54 UTC-6, Πέτρος Χατζηλάμπρος wrote:
>
> Mrry Christmas
>
> I found the following bug in version 2.13.3:
>
> I am using linux mint and I have a folder named web2py on the ~/Desktop
> I was using to run web2py by opening terminal and giving the command 
> "python ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0".
> After the update to version 2.13.3 the following error appears
> Traceback (most recent call last):
>   File "/home/tsouras/Desktop/web2py/web2py.py", line 6, in 
> import gluon.widget
>   File "/home/tsouras/Desktop/web2py/gluon/widget.py", line 26, in 
> import gluon.main as main
>   File "/home/tsouras/Desktop/web2py/gluon/main.py", line 125, in 
> raise RuntimeError("Cannot determine web2py version")
> RuntimeError: Cannot determine web2py version
>
> So, I did some debugging and I found out that global_settings.gluon_parent 
> is "/home/tsouras" instead of being "/home/tsouras/Desktop/web2py"
> I overcome this problem by opening terminal and giving command "cd 
> ~Desktop/web2py" before giving the command "python 
> ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0"
>
> I did not have this problem using the previous version of web2py
>
> On Thursday, December 24, 2015 at 5:21:42 PM UTC+2, Massimo Di Pierro 
> wrote:
>>
>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>
>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>> importantly it contains experimental support for JWT. Here is how it works:
>>
>> 1) instantiate auth with
>>
>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>
>> where 'secret' is your own secret string. 
>>
>> 2) Secorate functions that require login but should accept the 
>> JWT token credentials:
>>
>> @auth.allows_jwt()
>> @auth.requires_login()
>> def myapi(): return 'hello %s' % auth.user.email
>> 
>> Notice jwt is allowed but not required. if user is logged in, 
>> myapi is accessible.
>>
>> 3) Use it!
>> Now API users can obtain a token with
>>
>> http://.../app/default/user/jwt?username=...&password=
>>
>> (returns json object with a token attribute)
>> API users can refresh an existing token with
>>
>> http://.../app/default/user/jwt?token=...
>>
>> they can authenticate themselves when calling http:/.../myapi by 
>> injecting a header
>>
>> Authorization: Bearer 
>>
>> Any additional attributes in the jwt argument of Auth() below:
>>
>>auth = Auth(db, jwt = {...})
>>
>> are passed to the constructor of class AuthJWT. Look there for 
>> documentation.
>>
>> Thanks Niphlod again for implementing this. 
>> Please help us check it so we will declare it stable in the next release.
>>
>> Massimo
>>
>>
>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Massimo Di Pierro]

I do not understand. That line is not in 2.13.3. Can you try upgrade again?

On Thursday, 24 December 2015 11:11:27 UTC-6, Seth J wrote:
>
> Hi Massimo,
>
> I just upgraded from 2.9.5 and it seemed to kill my LDAP authorization:
>
>  invalid syntax (ldap_auth.py, line 435)
> Versionweb2py™Version 2.13.3-stable+timestamp.2015.12.24.15.09.20PythonPython 
> 2.6.6: /usr/bin/python (prefix: /usr)Traceback
>
> 1.
> 2.
> 3.
> 4.
> 5.
> 6.
> 7.
> 8.
> 9.
> 10.
> 11.
> 12.
>
> Traceback (most recent call last):
>   File "/opt/web-apps/web2py/gluon/restricted.py", line 227, in restricted
> exec ccode in environment
>   File "/opt/web-apps/web2py/applications/CongressionalFoxPro/models/db.py" 
> ,
>  line 81, in 
> from gluon.contrib.login_methods.ldap_auth import ldap_auth
>   File "/opt/web-apps/web2py/gluon/custom_import.py", line 108, in 
> custom_importer
> return NATIVE_IMPORTER(name, globals, locals, fromlist, level)
>   File "/opt/web-apps/web2py/gluon/contrib/login_methods/ldap_auth.py", line 
> 435
> update_or_insert_values = {f: update_or_insert_values[f] for f in fields}
>^
> SyntaxError: invalid syntax
>
> Error snapshot [image: help] 
> 
>
> (invalid syntax (ldap_auth.py, line 435))
>
> On Thursday, December 24, 2015 at 10:21:42 AM UTC-5, Massimo Di Pierro 
> wrote:
>>
>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>
>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>> importantly it contains experimental support for JWT. Here is how it works:
>>
>> 1) instantiate auth with
>>
>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>
>> where 'secret' is your own secret string. 
>>
>> 2) Secorate functions that require login but should accept the 
>> JWT token credentials:
>>
>> @auth.allows_jwt()
>> @auth.requires_login()
>> def myapi(): return 'hello %s' % auth.user.email
>> 
>> Notice jwt is allowed but not required. if user is logged in, 
>> myapi is accessible.
>>
>> 3) Use it!
>> Now API users can obtain a token with
>>
>> http://.../app/default/user/jwt?username=...&password=
>>
>> (returns json object with a token attribute)
>> API users can refresh an existing token with
>>
>> http://.../app/default/user/jwt?token=...
>>
>> they can authenticate themselves when calling http:/.../myapi by 
>> injecting a header
>>
>> Authorization: Bearer 
>>
>> Any additional attributes in the jwt argument of Auth() below:
>>
>>auth = Auth(db, jwt = {...})
>>
>> are passed to the constructor of class AuthJWT. Look there for 
>> documentation.
>>
>> Thanks Niphlod again for implementing this. 
>> Please help us check it so we will declare it stable in the next release.
>>
>> Massimo
>>
>>
>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Πέτρος Χατζηλάμπρος]

Mrry Christmas

I found the following bug in version 2.13.3:

I am using linux mint and I have a folder named web2py on the ~/Desktop
I was using to run web2py by opening terminal and giving the command 
"python ~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0".
After the update to version 2.13.3 the following error appears
Traceback (most recent call last):
  File "/home/tsouras/Desktop/web2py/web2py.py", line 6, in 
import gluon.widget
  File "/home/tsouras/Desktop/web2py/gluon/widget.py", line 26, in 
import gluon.main as main
  File "/home/tsouras/Desktop/web2py/gluon/main.py", line 125, in 
raise RuntimeError("Cannot determine web2py version")
RuntimeError: Cannot determine web2py version

So, I did some debugging and I found out that global_settings.gluon_parent 
is "/home/tsouras" instead of being "/home/tsouras/Desktop/web2py"
I overcome this problem by opening terminal and giving command "cd 
~Desktop/web2py" before giving the command "python 
~/Desktop/web2py/web2py.py -a "tsouras" -i 0.0.0.0"

I did not have this problem using the previous version of web2py

On Thursday, December 24, 2015 at 5:21:42 PM UTC+2, Massimo Di Pierro wrote:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Seth J]

Definitely something has gone awry there. I replaced "ldap_auth.py" and 
"ldap_auth.pyc" from the 2.12.3 version and it works again.


On Thursday, December 24, 2015 at 12:11:27 PM UTC-5, Seth J wrote:
>
> Hi Massimo,
>
> I just upgraded from 2.9.5 and it seemed to kill my LDAP authorization:
>
>  invalid syntax (ldap_auth.py, line 435)
> Versionweb2py™Version 2.13.3-stable+timestamp.2015.12.24.15.09.20PythonPython 
> 2.6.6: /usr/bin/python (prefix: /usr)Traceback
>
> 1.
> 2.
> 3.
> 4.
> 5.
> 6.
> 7.
> 8.
> 9.
> 10.
> 11.
> 12.
>
> Traceback (most recent call last):
>   File "/opt/web-apps/web2py/gluon/restricted.py", line 227, in restricted
> exec ccode in environment
>   File "/opt/web-apps/web2py/applications/CongressionalFoxPro/models/db.py" 
> ,
>  line 81, in 
> from gluon.contrib.login_methods.ldap_auth import ldap_auth
>   File "/opt/web-apps/web2py/gluon/custom_import.py", line 108, in 
> custom_importer
> return NATIVE_IMPORTER(name, globals, locals, fromlist, level)
>   File "/opt/web-apps/web2py/gluon/contrib/login_methods/ldap_auth.py", line 
> 435
> update_or_insert_values = {f: update_or_insert_values[f] for f in fields}
>^
> SyntaxError: invalid syntax
>
> Error snapshot [image: help] 
> 
>
> (invalid syntax (ldap_auth.py, line 435))
>
> On Thursday, December 24, 2015 at 10:21:42 AM UTC-5, Massimo Di Pierro 
> wrote:
>>
>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>
>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
>> importantly it contains experimental support for JWT. Here is how it works:
>>
>> 1) instantiate auth with
>>
>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>
>> where 'secret' is your own secret string. 
>>
>> 2) Secorate functions that require login but should accept the 
>> JWT token credentials:
>>
>> @auth.allows_jwt()
>> @auth.requires_login()
>> def myapi(): return 'hello %s' % auth.user.email
>> 
>> Notice jwt is allowed but not required. if user is logged in, 
>> myapi is accessible.
>>
>> 3) Use it!
>> Now API users can obtain a token with
>>
>> http://.../app/default/user/jwt?username=...&password=
>>
>> (returns json object with a token attribute)
>> API users can refresh an existing token with
>>
>> http://.../app/default/user/jwt?token=...
>>
>> they can authenticate themselves when calling http:/.../myapi by 
>> injecting a header
>>
>> Authorization: Bearer 
>>
>> Any additional attributes in the jwt argument of Auth() below:
>>
>>auth = Auth(db, jwt = {...})
>>
>> are passed to the constructor of class AuthJWT. Look there for 
>> documentation.
>>
>> Thanks Niphlod again for implementing this. 
>> Please help us check it so we will declare it stable in the next release.
>>
>> Massimo
>>
>>
>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[greenpoise]

I get this error upon restarting web2py after update:

Traceback (most recent call last):
  File "Applications/web2py/web2py.py", line 6, in 
import gluon.widget
  File "/home/danel/Applications/web2py/gluon/widget.py", line 26, in 

import gluon.main as main
  File "/home/danel/Applications/web2py/gluon/main.py", line 121, in 

raise RuntimeError("Cannot determine web2py version")
RuntimeError: Cannot determine web2py version




On Thursday, December 24, 2015 at 7:21:42 AM UTC-8, Massimo Di Pierro wrote:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [web2py] Re: web2py 2.13.3 is OUT

[Ovidio Marinho]

+1 testing





   [image: http://itjp.net.br] 
 http://itjp.net.b r
  *Ovidio Marinho Falcao Neto*
 ovidio...@gmail.com
Brasil


2015-12-24 15:11 GMT-02:00 Seth J :

> Hi Massimo,
>
> I just upgraded and it seemed to kill my LDAP authorization:
>
>  invalid syntax (ldap_auth.py, line 435)
> Versionweb2py™Version 2.13.3-stable+timestamp.2015.12.24.15.09.20PythonPython
> 2.6.6: /usr/bin/python (prefix: /usr)Traceback
>
> 1.
> 2.
> 3.
> 4.
> 5.
> 6.
> 7.
> 8.
> 9.
> 10.
> 11.
> 12.
>
> Traceback (most recent call last):
>   File "/opt/web-apps/web2py/gluon/restricted.py", line 227, in restricted
> exec ccode in environment
>   File "/opt/web-apps/web2py/applications/CongressionalFoxPro/models/db.py" 
> ,
>  line 81, in 
> from gluon.contrib.login_methods.ldap_auth import ldap_auth
>   File "/opt/web-apps/web2py/gluon/custom_import.py", line 108, in 
> custom_importer
> return NATIVE_IMPORTER(name, globals, locals, fromlist, level)
>   File "/opt/web-apps/web2py/gluon/contrib/login_methods/ldap_auth.py", line 
> 435
> update_or_insert_values = {f: update_or_insert_values[f] for f in fields}
>^
> SyntaxError: invalid syntax
>
> Error snapshot [image: help]
> 
>
> (invalid syntax (ldap_auth.py, line 435))
>
> On Thursday, December 24, 2015 at 10:21:42 AM UTC-5, Massimo Di Pierro
> wrote:
>>
>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>>
>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most
>> importantly it contains experimental support for JWT. Here is how it works:
>>
>> 1) instantiate auth with
>>
>> auth = Auth(db, jwt = {'secret_key':'secret'})
>>
>> where 'secret' is your own secret string.
>>
>> 2) Secorate functions that require login but should accept the
>> JWT token credentials:
>>
>> @auth.allows_jwt()
>> @auth.requires_login()
>> def myapi(): return 'hello %s' % auth.user.email
>>
>> Notice jwt is allowed but not required. if user is logged in,
>> myapi is accessible.
>>
>> 3) Use it!
>> Now API users can obtain a token with
>>
>> http://.../app/default/user/jwt?username=...&password=
>>
>> (returns json object with a token attribute)
>> API users can refresh an existing token with
>>
>> http://.../app/default/user/jwt?token=...
>>
>> they can authenticate themselves when calling http:/.../myapi by
>> injecting a header
>>
>> Authorization: Bearer 
>>
>> Any additional attributes in the jwt argument of Auth() below:
>>
>>auth = Auth(db, jwt = {...})
>>
>> are passed to the constructor of class AuthJWT. Look there for
>> documentation.
>>
>> Thanks Niphlod again for implementing this.
>> Please help us check it so we will declare it stable in the next release.
>>
>> Massimo
>>
>>
>> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: web2py 2.13.3 is OUT

[Seth J]

Hi Massimo,

I just upgraded and it seemed to kill my LDAP authorization:

 invalid syntax (ldap_auth.py, line 435)
Versionweb2py™Version 2.13.3-stable+timestamp.2015.12.24.15.09.20PythonPython 
2.6.6: /usr/bin/python (prefix: /usr)Traceback

1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.

Traceback (most recent call last):
  File "/opt/web-apps/web2py/gluon/restricted.py", line 227, in restricted
exec ccode in environment
  File "/opt/web-apps/web2py/applications/CongressionalFoxPro/models/db.py" 
,
 line 81, in 
from gluon.contrib.login_methods.ldap_auth import ldap_auth
  File "/opt/web-apps/web2py/gluon/custom_import.py", line 108, in 
custom_importer
return NATIVE_IMPORTER(name, globals, locals, fromlist, level)
  File "/opt/web-apps/web2py/gluon/contrib/login_methods/ldap_auth.py", line 435
update_or_insert_values = {f: update_or_insert_values[f] for f in fields}
   ^
SyntaxError: invalid syntax

Error snapshot [image: help] 


(invalid syntax (ldap_auth.py, line 435))

On Thursday, December 24, 2015 at 10:21:42 AM UTC-5, Massimo Di Pierro 
wrote:
>
> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!!
>
> It contains some bug fixes for bugs introduced in 2.13.1-2 and most 
> importantly it contains experimental support for JWT. Here is how it works:
>
> 1) instantiate auth with
>
> auth = Auth(db, jwt = {'secret_key':'secret'})
>
> where 'secret' is your own secret string. 
>
> 2) Secorate functions that require login but should accept the JWT 
> token credentials:
>
> @auth.allows_jwt()
> @auth.requires_login()
> def myapi(): return 'hello %s' % auth.user.email
> 
> Notice jwt is allowed but not required. if user is logged in, 
> myapi is accessible.
>
> 3) Use it!
> Now API users can obtain a token with
>
> http://.../app/default/user/jwt?username=...&password=
>
> (returns json object with a token attribute)
> API users can refresh an existing token with
>
> http://.../app/default/user/jwt?token=...
>
> they can authenticate themselves when calling http:/.../myapi by 
> injecting a header
>
> Authorization: Bearer 
>
> Any additional attributes in the jwt argument of Auth() below:
>
>auth = Auth(db, jwt = {...})
>
> are passed to the constructor of class AuthJWT. Look there for 
> documentation.
>
> Thanks Niphlod again for implementing this. 
> Please help us check it so we will declare it stable in the next release.
>
> Massimo
>
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.