On Thursday, November 19, 2015 at 4:25:07 PM UTC-8, Jason Solack wrote: > > Hello, > > I'm wondering if anyone is aware of a guide on creating a secure REST > service with web2py. I'd like to get help with creating authentication > tokens and handshaking and then creating a temporary key allowing people to > access the service for a set period of time. > > Thank you for you help and information. > >
Niphlod has a JWT implementation that may be what you're looking for. The list of features is in his post in the developer's forum. <URL: https://groups.google.com/d/msg/web2py-developers/dXfUrHNI5Sg/gqNa3kXsCQAJ> If you need some background on JWT, my reading list recently included <URL:https://self-issued.info/docs/draft-ietf-oauth-json-web-token.html> (that's the standard as of May; it's actually readable by users of standards as well the writers, I think) Last I heard, there was still discussion about how to make this part of the distribution, because the "contrib" directory can become a maintenance black hole. /dps -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.