pretty clear, thx anthony best regards, stifan
On Friday, May 18, 2018 at 6:48:41 AM UTC+7, Anthony wrote: > > On Thursday, May 17, 2018 at 5:57:13 PM UTC-4, 黄祥 wrote: >> >> it's clear enough, thx anthony >> curl -X GET --user user:password -i >> http://127.0.0.1:8000/test/api/header_jwt/table/1 >> *result:* >> Invalid JWT header >> >> open http://127.0.0.1:8000/test/api/header_jwt/table/1 >> *result after login in browser:* >> data shown >> >> is it normal? or did i misunderstand the concept of curl and open the url >> in browser that have decorator allows_jwt() and requires_login() ? >> > > allows_jwt means JWT is *allowed*, not that it is *required*. When you > open the URL in the browser, you will have access as long as you are logged > in in the browser -- JWT is irrelevant in that context. > > Anthony > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.