In my words: validates that the user that saw the link is the user that executes the intended action.
More here: http://web2py.com/books/default/chapter/29/04?search=requires_signature#Digitally-signed-urls joi, 22 noiembrie 2012, 14:13:19 UTC+2, viniciusban a scris: > > BTW, what does @auth.requires_signature() really means? > > Wouldn't it be @auth.requires_login()? > > > > On Thu, Nov 22, 2012 at 6:19 AM, rif <feri...@gmail.com <javascript:>> > wrote: > > If you create a link with user_signature=True and a controller with > > @auth.requires_signature() and a user clicks on it while not yet logged > in > > he/she will be presented with the login page and after that redirected > to > > the original link but with Not authorized message. > > > > It is only after that user reloads the page containing the link and > clicks > > on it again that she/he can access the page. > > > > Is there a workaround to this behavior? I want to be redirected directly > to > > the protected page after login. > > > > -rif > > > > -- > > > > > > > --