[web2py] session.forget and webclient

Sun, 09 Oct 2016 05:23:29 -0700 

Hello,

 I'm looking for a deeper understanding on how session and `session.forget`
works. More precisely, I was wondering if the authentication would survive
a `session.forget` call.
 So, I add `session.forget` at the beginning of the default/index
controller, and everything seems to go fine when manually testing in a web
browser (i.e., once logged, the user stay logged even after visiting
default/index).
 However, when testing with webclient, the same action failed, and the user
is now logged out after visiting default/index. You can try  by applying
the following patch on the last mercurial head :
```diff
diff --git a/applications/welcome/controllers/default.py
b/applications/welcome/controllers/default.py
index 87c6d55..7d8b06a 100644
--- a/applications/welcome/controllers/default.py
+++ b/applications/welcome/controllers/default.py
@@ -17,10 +17,15 @@ def index():
     if you need a simple wiki simply replace the two lines below with:
     return auth.wiki()
     """
+    session.forget(response)
     response.flash = T("Hello World")
     return dict(message=T('Welcome to web2py!'))


+@auth.requires_login()
+def logged_action():
+    return dict(res=auth.user)
+
 def user():
     """
     exposes:
diff --git a/gluon/tests/test_web.py b/gluon/tests/test_web.py
index 4a3ef3b..4f0886f 100644
--- a/gluon/tests/test_web.py
+++ b/gluon/tests/test_web.py
@@ -88,7 +88,9 @@ class TestWeb(LiveTest):

         # check registration and login were successful
         client.get('index')
+        self.assertTrue('Welcome Homer' in client.text)

+        client.get('logged_action')
         self.assertTrue('Welcome Homer' in client.text)

         client = WebClient('http://127.0.0.1:8000/admin/default/')

```

and run the test with:
```
python2 -m unittest -v gluon.tests.test_web
```

Some questions follow:
- how can a logged-in user stay logged after visiting a page which does a
`session.forget` (I guess there are some cookies into the play) ?
- is the observed behaviour of`webclient` expected ? If not, what shall
`webclient` do to mimic the behaviour of a web browser.

Thank you for sharing your insights.

-Mathieu

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to