hi, I'm new to web2py, so I'm afraid this is a silly question to ask, but I'm having a hard time trying to put some pieces together.
web2py documentation seems really complete most of times, but the chapter about Access Control relies too much in Janrain, which I would love to avoid using if possible (I have no problem with Janrain). what I want to do is offer the default auth using local database features *plus* OpenID Auth (for Yahoo and Google) and if possible, later, also support Facebook too (again, I have no problem with Facebook, I just happened to try OpenID Auth first). so, first, I used only the default auth with local database, and build my login form html layout by hand, like this: *db.py:* from gluon.tools import Auth auth = Auth(db) auth.define_tables(username=False, signature=False) *default.py:* def index(): if auth.is_logged_in(): redirect(URL('home')) return dict(form=auth()) def user(): return dict(form=auth()) def home(): return dict() *index.html:* ... <form method="post" action="/myapp/default/user/login" enctype="multipart/form-data"> <input type="text" name="email" > <input type="password" name="password" > <input name="_next" type="hidden" value="/acompanhacao/default/index"> <input name="_formkey" type="hidden" value="{{=form.formkey}}"> <input name="_formname" type="hidden" value="login"> <button type="submit">Submit</button> </form> ... and everything worked just fine (I had to fire the register url once, so I got an account to use, but I plan to improve this step later). I could login, logout, check if the user is_logged_in, etc. fine! now the problem starts. I wanted to add suport to OpenID without Janrain. so, I checked the Access Control chapter in the documentation, got some hints but no full examples, then I downloaded and checked the sources for the files openid_auth.py and extended_login_form.py (both from gluon.contrib.login_methods), got some other hints, googled something and ended up with this: *db.py:* from gluon.tools import Auth auth = Auth(db) auth.define_tables(username=False, signature=False) from gluon.contrib.login_methods.openid_auth import OpenIDAuth openid_login_form = OpenIDAuth(auth) from gluon.contrib.login_methods.extended_login_form import ExtendedLoginForm extended_login_form = ExtendedLoginForm(auth, openid_login_form, signals=['oid']) auth.settings.login_form = extended_login_form *default.py:* # no change in the previous methods, but added this: def test(): return dict(form=auth()) *test.html:* {{=form}} ok. now, when I browse /myapp/default/test I see a page with a form in two parts, the first one with username/password fields, and the bottom with a new field to input my openid provider url. the first thing I noticed is that I could not just use the tag: {{=form.formkey}} and build my form by hand, because I get a strange error like: "AttributeError: 'DIV' object has no attribute 'formkey'" some some reason, I believe my auth form is wrapped in such a way I cannot access its _formkey attribute anymore (and that's I endded up with that simple test.html) also, I could find no place to input beforehand the openid provider url. in fact, this is not completelly bad, because I plan to use two providers (yahoo and google) and so I'll probably put two forms (or just one javascript-managed) in my page. anyway, I still want to be able to build my forms by hand, and I cannot do this without access to the "formkey". (I believe) other thing I noticed is that there is no place where I inform which attributes I want from the openid provider (email, nickname, etc). ... anyway, I populated the automatically built form, submitted, and was redirected to the openid provider (I tested with yahoo, using url: https://me.yahoo.com). then I informed my username and password and was redirected back to my app, as if I logged in. but when I tested is_logged_in(), I got false. then, I checked the db.alt_logins table, and db.auth_user table, I found nothing new there (no new record with a new user or anything). so, I believe I almost did it, but something is still missing. what need to be answered is: 1. is it possible to use both auth methods (default and openid) together without Janrain? how do I setup this? 2. is it possible to build my forms by hand, without depending on the auto-generated forms? 3. if I got it right, the only thing I need is the form._formkey attribute, and for all the rest I can write my own html. I just need to know how to get the formkey from the extended_login_form; 4. the ExtendedLoginForm class seems to support only two auth methods, so how could I support three? for example: default auth, plus openid (yahoo/google), plus oauth (facebook)? can I chain ExtendedLoginForms? 5. I could find no docs about the "signals" used in the ExtendedLoginForm. could this be the problem in my setup? I tried using signals=['oid'] sorry for the mega-post, and thanks in advance! regards, Cesar -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.