If this is of any help, I tried tracing basic login in tools.py, and
figured out variable "basic" never gets value from
current.request.env.http_authorization, so username and password never get
passed through.
On the local server, that value gets populated and basic login works as
expected... If anyone can share any advice where else to look for a
problem, please do. Sorry for going crazy here :)
tools.py
def basic(self):
"""
perform basic login.
reads current.request.env.http_authorization
and returns basic_allowed,basic_accepted,user
"""
if not self.settings.allow_basic_login:
return (False,False,False)
basic = current.request.env.http_authorization
if not basic or not basic[:6].lower() == 'basic ':
return (True, False, False)
(username, password) = base64.b64decode(basic[6:]).split(':')
return (True, True, self.login_bare(username, password))
On Wednesday, October 10, 2012 10:46:54 AM UTC-4, Adi wrote:
>
> This is an example from book, where authentication and posting into
> database work good on a local server.
>
> Once I moved the code to production redhat linux server, where we have
> routes.py as bellow all I get as result is a login redirect:
> You are being redirected <a href=
> "/user/login?_next=/webservices/api/customer.json%3FFirstName%3DTim5%26LastName%3DJson"
> >here</a>
>
> If I remove authentication (@auth.requires_login() and
> @auth.requires_permission('insert customer through webservice')) on
> production server, records are inserted properly.
>
> Tried adding default and webservices controllers into application specific
> routes.py, but it didn't help.
>
> Any suggestions what should I do?
>
> Thanks,
> Adnan
>
> tried in both, default.py and webservices.py controllers:
>
> auth.settings.allow_basic_login = True
> @auth.requires_login()
> @auth.requires_permission('insert customer through webservice')
> @request.restful()
> def api():
> response.view = 'generic.'+request.extension
>
> def GET(*args,**vars):
> patterns = [
> "/members[customer]",
> "/member_fn/{customer.FirstName.startswith}",
> "/member_ln/{customer.LastName.startswith}",
> "/member/{customer.FirstName}/:field",
>
> "/member/{customer.FirstName}/orders[customer_order.customer_id]",
>
> "/member/{customer.FirstName}/order[customer_order.customer_id]/{
> customer_order.id}",
>
> "/member/{customer.FirstName}/order[customer_order.customer_id]/{
> customer_order.id}/:field"
> ]
> parser = db.parse_as_rest(patterns,args,vars)
> if parser.status == 200:
> return dict(content=parser.response)
> else:
> raise HTTP(parser.status,parser.error)
> def POST(table_name,**vars):
> if table_name == 'customer':
> return db.customer.validate_and_insert(**vars)
> elif table_name == 'customer_order':
> return db.customer_order.validate_and_insert(**vars)
> else:
> raise HTTP(400)
> return locals()
>
>
>
>
>
> web2py folder: routes.py
> routers = dict(
> # base router
> BASE = dict(
> default_application = 'welcome', domains = {'crm.domain.com':
> 'crm' }
> ),
> )
>
>
>
> crm app folder: routes.py (deleted)
>
>
> Terminal test:
>
>
> asm21:~ adnan$ curl --user webserv...@domain.com:pass -d
> "FirstName=Tim5&LastName=Json" http://crm.domain.com/api/customer.json
> Result: You are being redirected <a href=
> "/user/login?_next=/api/customer.json%3FFirstName%3DTim5%26LastName%3DJson"
> >here</a>
>
> asm21:~ adnan$ curl --user webserv...@domain.com:pass -d
> "FirstName=Tim5&LastName=Json" http://crm.domain.com/webservices/api/
> customer.json
> Result: You are being redirected <a href=
> "/user/login?_next=/webservices/api/customer.json%3FFirstName%3DTim5%26LastName%3DJson"
> >here</a>
>
>
>
>
>
--
