That didn't work for me either. Here is the command I tried: wget -O - http://username...@127.0.0.1:8000/app/default/index I see the login form, not the "hello world" page. and I used urllib to encode the "@" character in the username. it replaces it with "%40"
and the curl equivalent of this didn't work for me either. curl http://username=passw...@127.0.0.1:8000/app/default/index it responds with only one line: You are being redirected <a href="/app/default/login">here</a> On Jun 1, 8:15 am, mdipierro <mdipie...@cs.depaul.edu> wrote: > Try > > wget http://username:passw...@127.0.0.1:8000/app/default/index > > On Jun 1, 10:10 am, Dan <danbr...@gmail.com> wrote: > > > thanks Massimo - that works great using curl, but I couldn't get it to > > work using wget, eg. > > > wget --user=username --password=password -O > > -http://127.0.0.1:8000/app/default/index > > > Any suggestions? > > > On May 31, 9:51 pm, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > > OK. As you request since the latest version in trunk you can do > > > > @auth.requires_login() > > > def index(): return 'hello world' > > > > and access it with > > > > curl -u username:passwordhttp://127.0.0.1:8000/app/default/index > > > > or > > > > curl http://username:passw...@127.0.0.1:8000/app/default/index > > > > In the latter case username and password have to be encoded by > > > urllib.quote() > > > > works for services too. > > > > Massimo > > > > On May 31, 10:43 pm, Dan <danbr...@gmail.com> wrote: > > > > > Since my last message on this thread, I came up with a patch to the > > > > Auth.login() code that lets me do what I need, so figured I should > > > > post it here. Let me know if you see any issues with this approach (or > > > > improvements to it). > > > > > To recap, what I want to do is to let a script runing wget (not a > > > > browser) login and then work with some parts of the app that require > > > > membership in groups. I want to pass the user's name and password to > > > > the login form using post variables in the URL. This is not normally > > > > possible with web2py's Auth.login() function, so it needs to be > > > > modified, like this- > > > > > referring to source code > > > > here:http://www.web2py.com/examples/static/epydoc/web2py.gluon.tools-pysrc... > > > > Change these 3 lines ... > > > > 622 if FORM.accepts(form, request.vars, session, > > > > 623 formname='login', > > > > 624 onvalidation=onvalidation): > > > > > ... to be these 3 lines: > > > > if username in request.vars.keys() and request.vars.password and \ > > > > FORM.accepts(form, request.vars, > > > > formname=None, onvalidation=onvalidation): > > > > > This change lets the form take the username and password from the > > > > URL's post variables (or the form itself - but not both of course). > > > > Then my script will login using wget's optional arguments "--keep- > > > > session-cookies --save-cookies=" when submitting the user name and > > > > password to the app's login function. These wget options store the > > > > session cookie in a local file. Then subsequent wget calls to the > > > > restricted parts of the app can use those cookies as a token to gain > > > > access with the option "--load-cookies=". > > > > > Apologies for straying a bit from the original use case of this > > > > thread, but perhaps it's general approach will be a helpful hint. > > > > > Also: I don't fully understand what the purpose of the "formname" > > > > parameter is, or why it was necessary to None-ify it. If someone can > > > > explain this to me, I'd appreciate it. > > > > > Dan > > > > > On May 29, 6:15 pm, Dan <danbr...@gmail.com> wrote: > > > > > > Reviving this thread from before... I would like to have a shell > > > > > script use wget to authenticate itself and access the data in a web2py > > > > > application, but I haven't been able to get the web2py app to accept > > > > > the post'ed email and password information, which I sent to the user/ > > > > > login URL. Is this the right way to do it? > > > > > > I see some passing references to alternate authorization methods in > > > > > the documentation and the code, but I haven't been able to get much > > > > > detail on what those might be. For example- > > > > > >http://mdp.cti.depaul.edu/examples/default/tools#authentication: > > > > > "The Auth calls can be extended, personalized, and replaced by other > > > > > authentication mechanisms which expose a similar interface." > > > > > > and > > > > > inhttp://mdp.cti.depaul.edu/examples/static/epydoc/web2py.gluon.tools-p... > > > > > : > > > > > 644 if not user: > > > > > 645 ## try alternate login methods > > > > > 646 for login_method in > > > > > self.settings.login_methods: > > > > > 647 if login_method != self and \ > > > > > 648 login_method(request.vars > > > > > [username], > > > > > 649 > > > > > request.vars.password): > > > > > 650 user = self.get_or_create_user > > > > > (form.vars) > > > > > > Is there a place where I can find out more about what already exists, > > > > > or how to go about getting something like what the original message in > > > > > this thread described? > > > > > > Dan > > > > > > On May 17, 8:22 pm, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > > > > > I need to look into this. I do not think there can be a generic > > > > > > approach. Each protocol has its own quirks and some do not handle > > > > > > session or authenication. > > > > > > > Massimo > > > > > > > On May 17, 8:14 pm, jcorbett <jasoncorb...@gmail.com> wrote: > > > > > > > > I love the service framework, however I am interested in being > > > > > > > able to > > > > > > > authenticate users. With json/jsonrpcthis shouldn't be too hard > > > > > > > as > > > > > > > the browser that the ajax request would come from would have the > > > > > > > same > > > > > > > session. > > > > > > > > Particularly I am concerned with writing an xmlrpc service that > > > > > > > requires authentication. TheAuthclass doesn't seem to expose any > > > > > > > of > > > > > > > the lower level logic for authentication (like a login function > > > > > > > that > > > > > > > takes a username and a password). Any ideas on how I can do this. > > > > > > > I'm not afraid of writing my own implimentation, however I would > > > > > > > love > > > > > > > to piggy back off what is already there. > > > > > > > > I would figure I would want to have a login function that would > > > > > > > create > > > > > > > a session key (limited lifetime), and each function would be > > > > > > > required > > > > > > > to provide that key. > > > > > > > > Any ideas would be appreciated. > > > > > > > > Jason Corbett > > > > > > > BTW I love the simplicity of web2py, it took me maybe 2-3 hours to > > > > > > > write a simple app that was even themed. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
