I don't think you'll be able to use that method from the browser with the auth.requires_login() decorator, as the browser will not send the Authorization header unless the server first sends back a 401 response, and auth.basic() does not do that by default. To get that behavior, you would have to enable a basic auth realm. So, instead of using the decorator, to check authorization, in your function, you could do something like:
if not auth.basic(basic_auth_realm=True)[2]: raise HTTP(403): auth.basic() returns a 3-tuple, the last element of which indicates whether the submitted credentials are associated with a valid user. Anyway, presumably you're not planning to make these basic auth calls from the browser, so you should be able to stick with the auth.requires_login() decorator if you'll instead being using some other tool to make the requests. Anthony On Friday, December 11, 2015 at 9:44:16 AM UTC-5, Boris Aramis Aguilar RodrÃguez wrote: > > Currently I'm trying to create a service for my application as follows: > > auth.settings.allow_basic_login = True > > @auth.requires_login() > def test(): > from gluon.serializers import json > return json((auth.user, 'hello')) > > But I've tried to do authentication using the browser as follows: > https://u...@domain.com:password@172.1.1.1/api/test.json > (which of course seems broken since @ doesn't seem valid) > > So I tried the scaped version: > > https://user%40domain.com:password@172.1.1.1/api/test.json > > but still, I'm being redirected to the login URL, like if basic auth had > no effect. > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.