HI,
I have two controllers on the same app:
TestApp
|
|---default.py
|---api.py
api is a restful service that will call other services. For security
reasons I would like that all call to these services are passed by the api
restful. (it will work like a proxy in this case)
I did try the following :
in default.py :
@auth.requires_login()
def index():
import requests
json = requests.get(URL('api', 'apps', host=True))
return {"json": json.content}
in api.py:
import requests
apps_url = 'http://localhost:8091/apps'
@auth.requires_login()
@request.restful()
def apps():
response.view = 'generic.json'
def GET(*args,**vars):
r = requests.get(apps_url)
return r
return dict(GET=GET)
If i test this without the api's login decorator everything works fine.
However I can access this restful from anywhere else...
I added then the requires_login to api controller and then i test both URLs
independently from browser, it works ok (login to web2py -> go to
/api/apps -> get my results) however if I do the GET request using
requests.get from default controller i get a* Non Authorized *message and
redirect to login form.
what i'm missing here? i thought that if I was in the same app, auth
session would be shared among different controllers...
any hint on this would be the most welcomed..
Thanks in advanced.
Leandro
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
