It's not very hard. Here's one way to do it with just changes to the included welcome application's default user controller.
def user(): """ exposes: http://..../[app]/default/user/login http://..../[app]/default/user/logout http://..../[app]/default/user/register http://..../[app]/default/user/profile http://..../[app]/default/user/retrieve_password http://..../[app]/default/user/change_password http://..../[app]/default/user/manage_users (requires membership in use @auth.requires_login() @auth.requires_membership('group name') @auth.requires_permission('read','table name',record_id) to decorate functions that need access control """ def invalid_login(): table_user = auth.table_user() username = auth.settings.login_userfield or 'username' if 'username' in table_user.fields else 'email' if username in request.vars: entered_username = request.vars[username] if auth.settings.multi_login and '@' in entered_username: # if '@' in username check for email, not username user = table_user(email = entered_username) else: user = table_user(**{username: entered_username}) if user: # If the user exists then the password must be invalid return auth.messages.invalid_password return auth.messages.invalid_user if request.args(0) == 'login' and request.vars: auth.messages.invalid_login = invalid_login() return dict(form=auth()) -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.