On 18 fev, 17:31, Fran <francisb...@googlemail.com> wrote:
> On Feb 18, 6:42 pm, Abner <abner.jacob...@gmail.com> wrote:
>
> > next = request.vars._next or self.settings.login_next
>
> This is the correct order.
>
> self.settings.login_next is the default location to be redirected to.
> However this can e over-ridden per-page via request.vars._next.
>
Yes, the default approach is very good, but, the problem in my case
is: I'm not set any request.vars._next nor used auth.login(NEXT=...),
the auth.login is generating any form with empty next value - <input
name="_next" type="hidden" value="" /> - see this code from
auth.login:
def login(
self,
next=DEFAULT,
onvalidation=DEFAULT,
onaccept=DEFAULT,
log=DEFAULT,
):
...
if not request.vars._next:
request.vars._next = request.env.http_referer or ''
if next == DEFAULT:
next = request.vars._next or self.settings.login_next
If I undestand correct the logic is: if request.vars._next empty then
request.env.http_refere is set to it or '' if request.env.http_refere
not exists. In the next line if next is not set in the function call
then set next = request.vars._next. With this logic my default
settings, self.settings.login_next, never goes to next because
request.vars._next is = request.env.http_referer or = ''.
Also in the code of auth.login you can see:
form = SQLFORM(
user,
fields=[username, 'password'],
hidden=dict(_next=request.vars._next),
showid=self.settings.showid,
submit_button=self.settings.submit_button,
delete_label=self.settings.delete_label,
)
And this generate <input name="_next" type="hidden" value="" /> not
the value I set on self.settings.login_next. I think that this logic
is more correct:
In the _init_ of the auth class change:
self.settings.login_next = URL(r=request, f='index')
to
self.settings.login_next = None
then in login function:
if not request.vars._next:
request.vars._next = request.env.http_referer or ''
if next == DEFAULT:
if self.settings.login_next == None:
next = request.vars._next
else:
next = self.settings.login_next
With this if auth.login is called without NEXT and without
self.settings.login_next then request.vars._nex is used. What you
think about this ?
With the actual code/login self.settings.login_next never goes to be
used.
> This allows any page which requests a login to get the logged-in user
> to return to *that* page.
> - functionality which I greatly appreciate :)
>
> F
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
