Since my last message on this thread, I came up with a patch to the Auth.login() code that lets me do what I need, so figured I should post it here. Let me know if you see any issues with this approach (or improvements to it).
To recap, what I want to do is to let a script runing wget (not a browser) login and then work with some parts of the app that require membership in groups. I want to pass the user's name and password to the login form using post variables in the URL. This is not normally possible with web2py's Auth.login() function, so it needs to be modified, like this- referring to source code here: http://www.web2py.com/examples/static/epydoc/web2py.gluon.tools-pysrc.html#Auth Change these 3 lines ... 622 if FORM.accepts(form, request.vars, session, 623 formname='login', 624 onvalidation=onvalidation): ... to be these 3 lines: if username in request.vars.keys() and request.vars.password and \ FORM.accepts(form, request.vars, formname=None, onvalidation=onvalidation): This change lets the form take the username and password from the URL's post variables (or the form itself - but not both of course). Then my script will login using wget's optional arguments "--keep- session-cookies --save-cookies=" when submitting the user name and password to the app's login function. These wget options store the session cookie in a local file. Then subsequent wget calls to the restricted parts of the app can use those cookies as a token to gain access with the option "--load-cookies=". Apologies for straying a bit from the original use case of this thread, but perhaps it's general approach will be a helpful hint. Also: I don't fully understand what the purpose of the "formname" parameter is, or why it was necessary to None-ify it. If someone can explain this to me, I'd appreciate it. Dan On May 29, 6:15 pm, Dan <danbr...@gmail.com> wrote: > Reviving this thread from before... I would like to have a shell > script use wget to authenticate itself and access the data in a web2py > application, but I haven't been able to get the web2py app to accept > the post'ed email and password information, which I sent to the user/ > login URL. Is this the right way to do it? > > I see some passing references to alternate authorization methods in > the documentation and the code, but I haven't been able to get much > detail on what those might be. For example- > > http://mdp.cti.depaul.edu/examples/default/tools#authentication: > "The Auth calls can be extended, personalized, and replaced by other > authentication mechanisms which expose a similar interface." > > and inhttp://mdp.cti.depaul.edu/examples/static/epydoc/web2py.gluon.tools-p... > : > 644 if not user: > 645 ## try alternate login methods > 646 for login_method in > self.settings.login_methods: > 647 if login_method != self and \ > 648 login_method(request.vars > [username], > 649 > request.vars.password): > 650 user = self.get_or_create_user > (form.vars) > > Is there a place where I can find out more about what already exists, > or how to go about getting something like what the original message in > this thread described? > > Dan > > On May 17, 8:22 pm, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > I need to look into this. I do not think there can be a generic > > approach. Each protocol has its own quirks and some do not handle > > session or authenication. > > > Massimo > > > On May 17, 8:14 pm, jcorbett <jasoncorb...@gmail.com> wrote: > > > > I love the service framework, however I am interested in being able to > > > authenticate users. With json/jsonrpcthis shouldn't be too hard as > > > the browser that the ajax request would come from would have the same > > > session. > > > > Particularly I am concerned with writing an xmlrpc service that > > > requires authentication. TheAuthclass doesn't seem to expose any of > > > the lower level logic for authentication (like a login function that > > > takes a username and a password). Any ideas on how I can do this. > > > I'm not afraid of writing my own implimentation, however I would love > > > to piggy back off what is already there. > > > > I would figure I would want to have a login function that would create > > > a session key (limited lifetime), and each function would be required > > > to provide that key. > > > > Any ideas would be appreciated. > > > > Jason Corbett > > > BTW I love the simplicity of web2py, it took me maybe 2-3 hours to > > > write a simple app that was even themed. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
