Sorry I lost my own question for almost a yer :S
Finally I was doing this:
def get_index():
if not auth.user:
return 'Your session has expired, you have to %s again.' % A('login'
, _href=URL('user', 'login'))
or
def remove_ref_blacklisted():
if not auth.user:
return "jQuery('#details').html('Your session has expired, you have
to %s again.');" % A('login', _href=URL('user', 'login'))
So the message was showed in the "details" div with the link to log in
again, *but your answer is what I really was looking for, thanks.*
Why can I not use
@auth.requires_login(otherwise=URL('log_again'))
in tools.py, if login_required and not user and current.request.ajax then
raise 401 before checking for otherwise to redirect.
if login_required:
if not user:
if current.request.ajax:
raise HTTP(401, self.messages.ajax_failed_authentication)
elif otherwise is not None:
if callable(otherwise):
return otherwise()
redirect(otherwise)
I even tried to use user_signature in ajax calls (js in views) with
@auth.requires_signature() but I think I missunderstood something about
that, no luck.
Thanks
El domingo, 19 de junio de 2016, 6:33:47 (UTC+2), Anthony escribió:
>
> What you are doing is roughly equivalent to just doing:
>
> redirect(URL('default', 'user', args='login'), client_side=True)
>
> When you call redirect during an Ajax request, setting client_side=True
> causes the parent window to redirect (via Javascript). So, you could do
> something like:
>
> def get_index():
> if not auth.user:
> redirect(URL('default', 'user', args='login'), client_side=True)
> if not auth.has_membership('role'):
> raise HTTP(403, ...)
>
>
> Anthony
>
>
> On Saturday, June 18, 2016 at 8:47:42 AM UTC-4, Paco Bernal wrote:Hi all,
>
> This is my first question here, although I use it sometimes to read a few
> questions that I make to myself when coding using this cool and great tool.
> Thanks.
>
> A few months ago I started to use ajax to fill middle column of screen
> from clicks (interaction with the user) in the left sidebar and sometimes
> to show right side bar with more info when interacting with middel column.
> Maybe looking for ways to opotimaze data flow in the network and from the
> server, and for learning.
>
> Something like this:
>
> ajax('{{=URL('get_index', vars=dict(filters=''))}}' + filters_post, [],
> 'div_target');
>
> But when the user lose his session (you can delete cookies for example)
> because of ajax to fill a div, nothing happens when the user clicks on the
> left side bar, no error and no redirect to user login even with
> @auth.requires_membership('roll') in defs inside the controller.
>
> So, the only way I found is to add these lines at the beginning of the
> controller :
>
> #----------------------------------
> if not auth.user and not session.not_auth:
> session.not_auth = True
> redirect (URL('not_auth'))
> #----------------------------------
> def not_auth():
> session.not_auth = None
> return dict()
> #----------------------------------
>
> and the view, no_auth.html:
>
> {{include 'web2py_ajax.html'}}
> <script>
> $( document ).ready(function() {
> $(location).attr('href', '{{=URL('user','login')}}');
> });
> </script>
>
> The question is, is there any other more elegant way (or not) to do the
> same?
>
> Thanks in advance :)
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
