Ok, I seem to have it working now:
My Code Snippets if anyone is interested:
controllers/default.py
def user_bare():
alg = 'pbkdf2(1000,20,sha512)'
custom_auth_table.password.requires = None
username, password = request.post_vars['username'],
request.post_vars['password']
session.is_logged_in = "NO"
cryptpassword =
str(CRYPT(digest_alg=alg,salt='Mars_Salt_4u')(password)[0])
user = auth.login_bare(username, cryptpassword)
#if auth.is_logged_in() :
if user :
session.is_logged_in = "YES"
if auth.user['company_number'] == 0:
redirect(URL('company_choose'))
else:
redirect(URL('index'))
return dict()
view/default/user_bar.html
{{extend 'layout.html'}}
<INPUT type="button" value="HOME"
onclick="location.href='{{=URL('index')}}'"/>
<form enctype="multipart/form-data"
action="{{=URL()}}" method="post"> <!--{{#or use =form.custom.begin}}-->
<div class="form-group">
<input type="text" class="form-control" name="username">
</div>
<div class="form-group">
<input type="password" class="form-control" name="password">
</div>
<button type="submit">
Submit
</button>
</form> <!--{{#or use =form.custom.end}}-->
*Ben Duncan*
DBA / Chief Software Architect
Mississippi State Supreme Court
Electronic Filing Division
On Thu, Dec 13, 2018 at 2:57 PM Ben Duncan <linux...@gmail.com> wrote:
> Ok, thanks, will revisit it. I was getting insert errors from it before.
> Maybe my ignorance ...
>
>
> *Ben Duncan*
> DBA / Chief Software Architect
> Mississippi State Supreme Court
> Electronic Filing Division
>
>
> On Thu, Dec 13, 2018 at 2:14 PM Anthony <abasta...@gmail.com> wrote:
>
>> Got it, but I don't see login_bare/login_user/update_groups getting in
>> the way of any of that. The update_groups method simply adds a dictionary
>> of the user's current group ids/roles to the session, which can be used
>> instead of doing a database lookup on each request. You are free to ignore
>> it.
>>
>> Anthony
>>
>> On Thursday, December 13, 2018 at 11:34:05 AM UTC-5, Ben Duncan wrote:
>>>
>>> Thanks Anthony.
>>>
>>> I'm trying to maintain some reference to the auth mechanism , but our
>>> needs get a little more convoluted.
>>>
>>> Some Background Info:
>>> This is a accounting system (AR/AP/GL/IV/OE/PR/BI/BR/RMA/ ..etc) based
>>> upon about 30 years of collected source
>>> I have for Chancery / Circuit Clerks for Fees, Fines and restitution and
>>> land records et.all.
>>>
>>> I'm trying to keep it generic as possible for the Supreme Court.
>>>
>>> From the Clerks view, the are elected officials for a particular
>>> County/Jurisdiction. However, in some instances the may cover several
>>> counties / courts (if those are small).
>>>
>>> Courts are grouped in "districts" and we are going to using "company id"
>>> numbers to signify those courts within the districts and all courts under
>>> one
>>> umbrella for the database.
>>>
>>> Now the CLERKS have deputy clerks, who may OR may not be assigned to
>>> multiple county/courts and may be limited to WHAT or what they cannot
>>> do, but are designated by the "company" code to which court they will
>>> have access to.
>>> Add to that, the wants of our Office of the State Auditors our very own
>>> AOC (Administrator of Courts and their auditors) it gets pretty
>>> convulsed in a hurry.
>>>
>>> Now looking at the ACCESS CONTROL stuff, we are really a flipped version
>>> of that - GROUP and MEMBERSHIP before and controlling the
>>> auth_user.as well as company id in the group and membership/permission
>>> file.signifying what court the have jurisdiction to use. (Phew).
>>>
>>> I hope I haven't totally confused you.
>>>
>>> Thanks again ...
>>> *Ben Duncan*
>>> DBA / Chief Software Architect
>>> Mississippi State Supreme Court
>>> Electronic Filing Division
>>>
>>>
>>> On Thu, Dec 13, 2018 at 10:03 AM Anthony wrote:
>>>
>>>> On Wednesday, December 12, 2018 at 6:57:07 PM UTC-5, Ben Duncan wrote:
>>>>>
>>>>> Yes, I wanted to just use the auth_table.
>>>>> Everything else is controlled outside of the normal mechs ..
>>>>>
>>>>
>>>> If you don't want to use the Auth login mechanism, then I suppose you
>>>> can write your own logic. Keep in mind you will then be responsible for
>>>> updating the session with the appropriate auth data so Auth knows the user
>>>> is logged in on each subsequent request. But really, I don't see why you
>>>> would do that just to avoid having the list of group memberships
>>>> automatically updated upon login -- what problem is that creating for you?
>>>>
>>>> Anthony
>>>>
>>>> --
>>>> Resources:
>>>> - http://web2py.com
>>>> - http://web2py.com/book (Documentation)
>>>> - http://github.com/web2py/web2py (Source code)
>>>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "web2py-users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to web2py+unsubscr...@googlegroups.com.
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>> --
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to web2py+unsubscr...@googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
