Sorry I lost my own question for almost a yer :S Finally I was doing this:
def get_index(): if not auth.user: return 'Your session has expired, you have to %s again.' % A('login' , _href=URL('user', 'login')) or def remove_ref_blacklisted(): if not auth.user: return "jQuery('#details').html('Your session has expired, you have to %s again.');" % A('login', _href=URL('user', 'login')) So the message was showed in the "details" div with the link to log in again, *but your answer is what I really was looking for, thanks.* Why can I not use @auth.requires_login(otherwise=URL('log_again')) in tools.py, if login_required and not user and current.request.ajax then raise 401 before checking for otherwise to redirect. if login_required: if not user: if current.request.ajax: raise HTTP(401, self.messages.ajax_failed_authentication) elif otherwise is not None: if callable(otherwise): return otherwise() redirect(otherwise) I even tried to use user_signature in ajax calls (js in views) with @auth.requires_signature() but I think I missunderstood something about that, no luck. Thanks El domingo, 19 de junio de 2016, 6:33:47 (UTC+2), Anthony escribió: > > What you are doing is roughly equivalent to just doing: > > redirect(URL('default', 'user', args='login'), client_side=True) > > When you call redirect during an Ajax request, setting client_side=True > causes the parent window to redirect (via Javascript). So, you could do > something like: > > def get_index(): > if not auth.user: > redirect(URL('default', 'user', args='login'), client_side=True) > if not auth.has_membership('role'): > raise HTTP(403, ...) > > > Anthony > > > On Saturday, June 18, 2016 at 8:47:42 AM UTC-4, Paco Bernal wrote:Hi all, > > This is my first question here, although I use it sometimes to read a few > questions that I make to myself when coding using this cool and great tool. > Thanks. > > A few months ago I started to use ajax to fill middle column of screen > from clicks (interaction with the user) in the left sidebar and sometimes > to show right side bar with more info when interacting with middel column. > Maybe looking for ways to opotimaze data flow in the network and from the > server, and for learning. > > Something like this: > > ajax('{{=URL('get_index', vars=dict(filters=''))}}' + filters_post, [], > 'div_target'); > > But when the user lose his session (you can delete cookies for example) > because of ajax to fill a div, nothing happens when the user clicks on the > left side bar, no error and no redirect to user login even with > @auth.requires_membership('roll') in defs inside the controller. > > So, the only way I found is to add these lines at the beginning of the > controller : > > #---------------------------------- > if not auth.user and not session.not_auth: > session.not_auth = True > redirect (URL('not_auth')) > #---------------------------------- > def not_auth(): > session.not_auth = None > return dict() > #---------------------------------- > > and the view, no_auth.html: > > {{include 'web2py_ajax.html'}} > <script> > $( document ).ready(function() { > $(location).attr('href', '{{=URL('user','login')}}'); > }); > </script> > > The question is, is there any other more elegant way (or not) to do the > same? > > Thanks in advance :) > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.