Good point -- I'm not sure I agree that 401 should be forced for Ajax requests -- we should probably have an option to allow Ajax requests to be treated the same as other requests (maybe open an issue about it). (In fact, the old "elif request.ajax" condition was left in the code, even though it can never execute.) For now, though, you have several options:
- If you want to customize the 401 message, see http://web2py.com/books/default/chapter/29/04#Routes-on-error. - Check for the 401 on the client side via Javascript and take the appropriate action there. - Instead of decorating the function, you can simply check for auth.user within the function and take whatever action you prefer if the user isn't logged in. - Do something like this: if request.ajax: auth.settings.on_failed_authorization = auth.settings.login_url ... @auth.requires(auth.user, requires_login=False) That uses the generic @auth.requires(), checking for the existence of auth.user, but not explicitly running the requires_login code. In this case, failure redirects to the auth.settings.on_failed_authorization URL, which is why that is reset to the login_url for Ajax requests. Anthony On Wednesday, March 27, 2013 7:16:41 PM UTC-4, Brian M wrote: > > I have a page that is using LOAD() to pull in a form that requires the > user to be logged-in (@auth.requires_login()) In previous versions of > web2py if the user hadn't yet logged in they'd get the login screen within > the LOAD()'s DIV and at least could get an idea of what they needed to do > before proceeding, but now with the current version they just see "401 NOT > AUTHORIZED" which just completely confuses my users. It appears that this > change was made in response to issue > 832<https://code.google.com/p/web2py/issues/detail?can=1&q=832&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&id=832>in > this > commit<https://github.com/web2py/web2py/commit/37acdc0cc66eec4c65fcf59b1136c2e3fda83d4b>. > > Is there at least some way to specify my own message instead so it says > something like "Please log-in" rather than "401 NOT AUTHORIZED"? > > Thanks, > ~Brian > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
