Very nice!!! A question:
in how much time expires the token? how to know it? El sábado, 19 de agosto de 2017, 15:31:10 (UTC-7), Oasis Agano escribió: > > CONTROLLER > > > from gluon.tools import AuthJWT > import requests > > def index(): > > response.flash = T("Hello World") > return dict(message=T('Welcome !')) > > > def user(): > > return dict(form=auth()) > > > @cache.action() > def download(): > """ > allows downloading of uploaded files > http://..../[app]/default/download/[filename] > """ > return response.download(request, db) > > def call(): > """ > exposes services. for example: > http://..../[app]/default/call/jsonrpc > decorate with @services.jsonrpc the functions to expose > supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv > """ > return service() > > auth.settings.allow_basic_login = True > > > @auth.requires_login() > @request.restful() > def api(): > response.view = 'generic.'+request.extension > def GET(*args,**vars): > patterns = 'auto' > parser = db.parse_as_rest(patterns,args,vars) > if parser.status == 200: > return dict(content=parser.response) > else: > raise HTTP(parser.status,parser.error) > def POST(table_name,**vars): > return db[table_name].validate_and_insert(**vars) > def PUT(table_name,record_id,**vars): > return db(db[table_name]._id==record_id).update(**vars) > def DELETE(table_name,record_id): > return db(db[table_name]._id==record_id).delete() > return dict(GET=GET, POST=POST, PUT=PUT, DELETE=DELETE) > > from gluon.tools import AuthJWT > import requests > > > myjwt = AuthJWT(auth, secret_key='secretsddfsdfsd') > > #this one receives the credentials and gives you a token refer to > gluon/tools.py 1132 line > def login_and_take_token(): > return myjwt.jwt_token_manager() > > @myjwt.allows_jwt() > def protected(): > return '%s$%s' % (request.now, auth.user_id) > > > > > TERMINAL COMMAND FOR TOKEN GENERATOR > > curl -X POST -d username=oasis...@gmail.com <javascript:> -d password=MYPWD > 127.0.0.1:8055/masterw2p/default/login_and_take_token > > AUTH WITH TOKEN ONLY > > > curl -H "Authorization: Bearer > eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ96lu8kSvANNRtvi23E56I4l_DRq7XA" > http://127.0.0.1:8055/ntwaza/default/protected > > > MODEL CONFIG > > from gluon.tools import Auth, Service, PluginManager,AuthJWT,AuthAPI > > # host names must be a list of allowed host names (glob syntax allowed) > auth = Auth(db, host_names=myconf.get('host.names')) > service = Service() > plugins = PluginManager() > auth.settings.allow_basic_login = True > myjwt = AuthJWT(auth, secret_key='secretsddfsdfsd') > > > > > > > > On Friday, June 23, 2017 at 10:49:17 PM UTC+2, Oasis Agano wrote: >> >> Hello, >> >> How can someone implement a token based authentication in web2py; >> Both token generation and authorization? >> >> >> kr, >> Oasis >> > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.